From 814549eeac9ea2e9139b65abed210a66714d046f Mon Sep 17 00:00:00 2001 From: Bryan Dam Date: Mon, 29 Jul 2019 09:21:51 -0400 Subject: [PATCH 001/113] Update waas-servicing-differences.md Added two clarifications regarding Windows 10 preview updates. I have consistently fielded questions about why they are 'missing' in people's enterprise environments. It almost always boils down to one of these two notes: they either weren't published to WSUS or they are looking for the word 'Preview' in the title. --- windows/deployment/update/waas-servicing-differences.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index 9e0f207f1f..59a90ea16e 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -85,6 +85,12 @@ Moving to the cumulative model for legacy OS versions continues to improve predi ## Public preview releases Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. +>[!NOTE] +>Only the preview updates for most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older version of Windows 10. + +>[!NOTE] +>Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. + ### Examples Windows 10 version 1709: - (9B) September 11, 2018 Update Tuesday / B release - includes security, non-security and IE update. This update is categorized as "Required, Security" it requires a system reboot. From 7edf0037d741a4de89ced2883d972b6fa097dc47 Mon Sep 17 00:00:00 2001 From: Bryan Dam Date: Tue, 30 Jul 2019 11:23:18 -0400 Subject: [PATCH 002/113] Update windows/deployment/update/waas-servicing-differences.md Looks great, thanks Johan! Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/deployment/update/waas-servicing-differences.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index 59a90ea16e..0efe0f9245 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -86,7 +86,7 @@ Moving to the cumulative model for legacy OS versions continues to improve predi Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. >[!NOTE] ->Only the preview updates for most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older version of Windows 10. +>Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older versions of Windows 10. >[!NOTE] >Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. From 60061076ec3e43b224e728a08a0fe762459bd675 Mon Sep 17 00:00:00 2001 From: Bryan Dam Date: Tue, 30 Jul 2019 21:32:25 -0400 Subject: [PATCH 003/113] Update waas-servicing-differences.md Implement the MarkDown standard of using 1 space between the indent marker > and the [!Note] markers --- .../deployment/update/waas-servicing-differences.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index 0efe0f9245..9c6665e349 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -23,8 +23,8 @@ Today, many enterprise customers have a mix of modern and legacy client and serv The following provides an initial overview of how updating client and server differs between the Windows 10-era Operating Systems (such as, Windows 10 version 1709, Windows Server 2016) and legacy operating systems (such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2). ->[!NOTE] ->A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc. +> [!NOTE] +> A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc. ## Infinite fragmentation Prior to Windows 10, all updates to operating system (OS) components were published individually. On "Update Tuesday," customers would pick and choose individual updates they wanted to apply. Most chose to update security fixes, while far fewer selected non-security fixes, updated drivers, or installed .NET Framework updates. @@ -85,11 +85,11 @@ Moving to the cumulative model for legacy OS versions continues to improve predi ## Public preview releases Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. ->[!NOTE] ->Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older versions of Windows 10. +> [!NOTE] +> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older versions of Windows 10. ->[!NOTE] ->Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. +> [!NOTE] +> Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. ### Examples Windows 10 version 1709: From 22b13d36b5c31132f3491b43a7183aec512bc27e Mon Sep 17 00:00:00 2001 From: Bryan Dam Date: Mon, 5 Aug 2019 12:39:08 -0400 Subject: [PATCH 004/113] Update windows/deployment/update/waas-servicing-differences.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> --- windows/deployment/update/waas-servicing-differences.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index 9c6665e349..aea9cae248 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -89,7 +89,7 @@ Lastly, the cumulative update model directly impacts the public Preview releases > Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older versions of Windows 10. > [!NOTE] -> Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. +> Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. ### Examples Windows 10 version 1709: From 14d2cc316a46da124b636f7ad1eeaf6ad19671db Mon Sep 17 00:00:00 2001 From: Bryan Dam Date: Mon, 5 Aug 2019 12:39:36 -0400 Subject: [PATCH 005/113] Update windows/deployment/update/waas-servicing-differences.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> --- windows/deployment/update/waas-servicing-differences.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index aea9cae248..b27d02f262 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -86,7 +86,7 @@ Moving to the cumulative model for legacy OS versions continues to improve predi Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. > [!NOTE] -> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel and products such as System Center Configuration Manager that rely on it will not see preview updates for older versions of Windows 10. +> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as System Center Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10. > [!NOTE] > Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. From b494098d24553cc68d407d9919b05e7bfc25fbe3 Mon Sep 17 00:00:00 2001 From: Bryan Dam Date: Tue, 13 Aug 2019 07:47:44 -0400 Subject: [PATCH 006/113] Update windows/deployment/update/waas-servicing-differences.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- windows/deployment/update/waas-servicing-differences.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index b27d02f262..b6e7746653 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -86,7 +86,7 @@ Moving to the cumulative model for legacy OS versions continues to improve predi Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. > [!NOTE] -> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as System Center Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10. +> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as System Center Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10. > [!NOTE] > Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. From 7b92d8e4e70972bd096f3a8808e1ee44ea12a1bc Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Wed, 14 Aug 2019 10:30:34 +0500 Subject: [PATCH 007/113] Updated the document Updated the steps in the document related to Windows Analytics Solutions. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4392 --- .../windows-analytics-FAQ-troubleshooting.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 423c82f71c..55b621454e 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -8,8 +8,10 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: deploy -audience: itpro author: greg-lindsay -ms.audience: itpro author: greg-lindsay +audience: itpro +author: greg-lindsay +ms.audience: itpro +author: greg-lindsay ms.localizationpriority: medium ms.collection: M365-analytics ms.topic: article @@ -53,12 +55,12 @@ If you've followed the steps in the [Enrolling devices in Windows Analytics](win ### Devices not appearing in Upgrade Readiness -In Log Analytics, go to **Settings > Connected sources > Windows telemetry** and verify that you are subscribed to the Windows Analytics solutions you intend to use. +In Log Analytics, go to **Solutions** and verify that you are subscribed to the Windows Analytics solutions you intend to use. Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices within a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/You-can-now-check-on-the-status-of-your-computers-within-hours/ba-p/187213) on the Tech Community Blog. >[!NOTE] -> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** remove the Upgrade Readiness solution, and then re-add it. +> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id, See [Enrolling devices in Windows Analytics.](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started) If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues: @@ -230,9 +232,7 @@ We have identified an incompatibility between AbnormalShutdownCount and the Limi If you want to stop using Upgrade Readiness and stop sending diagnostic data to Microsoft, follow these steps: -1. Unsubscribe from the Upgrade Readiness solution in Azure Portal. In Azure Portal, go to **Settings** > **Connected Sources** > **Windows Telemetry** and choose the **Unsubscribe** option. - - ![Upgrade Readiness unsubscribe](images/upgrade-analytics-unsubscribe.png) +1. Delete the Upgrade Readiness Solution in Log Analytics Workspace. In Log Analytics Workspace go to, **Solutions > Compatibility Assessment > Delete** 2. Disable the Commercial Data Opt-in Key on computers running Windows 7 SP1 or 8.1. On computers running Windows 10, set the diagnostic data level to **Security**: From 65b2a960682eb4d89a09560a768e7c743ae1b94a Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Thu, 15 Aug 2019 09:42:13 +0500 Subject: [PATCH 008/113] Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../deployment/update/windows-analytics-FAQ-troubleshooting.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 55b621454e..2eefdcaaa8 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -60,7 +60,7 @@ In Log Analytics, go to **Solutions** and verify that you are subscribed to the Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices within a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/You-can-now-check-on-the-status-of-your-computers-within-hours/ba-p/187213) on the Tech Community Blog. >[!NOTE] -> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id, See [Enrolling devices in Windows Analytics.](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started) +> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id, See [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started). If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues: From 8725c0be012209e1840e2ea454815267411d0941 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 16 Aug 2019 09:21:41 +0500 Subject: [PATCH 009/113] Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> --- .../deployment/update/windows-analytics-FAQ-troubleshooting.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 2eefdcaaa8..32a276b7f1 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -232,7 +232,7 @@ We have identified an incompatibility between AbnormalShutdownCount and the Limi If you want to stop using Upgrade Readiness and stop sending diagnostic data to Microsoft, follow these steps: -1. Delete the Upgrade Readiness Solution in Log Analytics Workspace. In Log Analytics Workspace go to, **Solutions > Compatibility Assessment > Delete** +1. Delete the Upgrade Readiness solution in Log Analytics workspace. In Log Analytics workspace. select **Solutions** > **Compatibility Assessment** > **Delete**. 2. Disable the Commercial Data Opt-in Key on computers running Windows 7 SP1 or 8.1. On computers running Windows 10, set the diagnostic data level to **Security**: From 3db6bf270ca90563db0fbd7418bf978c2c26a861 Mon Sep 17 00:00:00 2001 From: Brent Kendall Date: Fri, 16 Aug 2019 14:15:36 -0700 Subject: [PATCH 010/113] Update autopilot-support.md Remove redundant line (PFE was the old term for an Ecosystem PM). And added new alias for Ecosystem PMs (after discussing all this with the Ecosystem PM managers). --- windows/deployment/windows-autopilot/autopilot-support.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/windows-autopilot/autopilot-support.md b/windows/deployment/windows-autopilot/autopilot-support.md index b3e02db65f..b93ac48408 100644 --- a/windows/deployment/windows-autopilot/autopilot-support.md +++ b/windows/deployment/windows-autopilot/autopilot-support.md @@ -7,7 +7,8 @@ ms.mktglfcycl: deploy ms.localizationpriority: low ms.sitesec: library ms.pagetype: deploy -audience: itpro author: greg-lindsay +audience: itpro +author: greg-lindsay ms.author: greglin ms.date: 10/31/2018 ms.reviewer: @@ -29,9 +30,8 @@ Before contacting the resources listed below for Windows Autopilot-related issue |---------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | OEM or Channel Partner registering devices as a CSP (via MPC) | Use the help resources available in MPC. Whether you are a named partner or a channel partner (distributor, reseller, SI, etc.), if you’re a CSP registering Autopilot devices through MPC (either manually or through the MPC API), your first-line of support should be the help resources within MPC. | | OEM registering devices using OEM Direct API | Contact MSOEMOPS@microsoft.com. Response time depends on priority:
Low – 120 hours
Normal – 72 hours
High – 24 hours
Immediate – 4 hours | -| OEM with a PFE | Reach out to your PFE for support. | | Partners with a Partner Technology Strategist (PTS) | If you have a PTS (whether you’re a CSP or not), you may first try working through your account’s specific Partner Technology Strategist (PTS). | -| Partners with an Ecosystem PM | If you have an Ecosystem PM (whether you’re a CSP or not), you may first try working through your account’s specific Ecosystem PM, especially for technical issues. | +| Partners with an Ecosystem PM | If you have an Ecosystem PM (whether you’re a CSP or not), you may first try working through your account’s specific Ecosystem PM, especially for technical issues. To learn more about Ecosystem PMs and the services they offer, contact epsoinfo@microsoft.com. | | Enterprise customers | Contact your Technical Account Manager (TAM), or Account Technology Strategist (ATS), or Customer Service Support (CSS) representative. | | End-user | Contact your IT administrator. | | Microsoft Partner Center (MPC) users | Use the [help resources](https://partner.microsoft.com/support) available in MPC. | From 6f3b63649781d7be170f97d169479ddfc570bdec Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sat, 17 Aug 2019 10:35:03 +0500 Subject: [PATCH 011/113] Terminology Correction Terminology Correction --- .../deployment/update/windows-analytics-FAQ-troubleshooting.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 32a276b7f1..8ba5c114c5 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -55,7 +55,7 @@ If you've followed the steps in the [Enrolling devices in Windows Analytics](win ### Devices not appearing in Upgrade Readiness -In Log Analytics, go to **Solutions** and verify that you are subscribed to the Windows Analytics solutions you intend to use. +In Log Analytics workspace, go to **Solutions** and verify that you are subscribed to the Windows Analytics solutions you intend to use. Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices within a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/You-can-now-check-on-the-status-of-your-computers-within-hours/ba-p/187213) on the Tech Community Blog. From 51b22e4cfce1e7609c112be2235c595c999e8a1f Mon Sep 17 00:00:00 2001 From: Adam Gross Date: Sat, 17 Aug 2019 14:56:14 -0500 Subject: [PATCH 012/113] Incorrect Command Line Arguments According to this doc https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-setup-command-line-options the correct command line argument for ignoring dismissable warnings is /Compat IgnoreWarning not /compat /ignore warning as specified here in the docs. Also, the same incorrect message is included in the setupdiag.exe, so when the report is generated, it is providing incorrect guidance. --- windows/deployment/upgrade/setupdiag.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index 355c0da246..edc918ffb2 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -211,7 +211,7 @@ Each rule name and its associated unique rule identifier are listed with a descr 8. CompatBlockedApplicationAutoUninstall – BEBA5BC6-6150-413E-8ACE-5E1EC8D34DD5 - This rule indicates there is an application that needs to be uninstalled before setup can continue. 9. CompatBlockedApplicationDismissable - EA52620B-E6A0-4BBC-882E-0686605736D9 - - When running setup in /quiet mode, there are dismissible application messages that turn into blocks unless the command line also specifies “/compat /ignore warning”. This rule indicates setup was executed in /quiet mode but there is an application dismissible block message that have prevented setup from continuing. + - When running setup in /quiet mode, there are dismissible application messages that turn into blocks unless the command line also specifies “/compat ignorewarning”. This rule indicates setup was executed in /quiet mode but there is an application dismissible block message that have prevented setup from continuing. 10. CompatBlockedApplicationManualUninstall - 9E912E5F-25A5-4FC0-BEC1-CA0EA5432FF4 - This rule indicates that an application without an Add/Remove Programs entry, is present on the system and blocking setup from continuing. This typically requires manual removal of the files associated with this application to continue. 11. HardblockDeviceOrDriver - ED3AEFA1-F3E2-4F33-8A21-184ADF215B1B From 88f69339a1a2ed2653c68c9b1fd743b907727f59 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Mon, 19 Aug 2019 14:45:06 -0700 Subject: [PATCH 013/113] Merge changes from master to live (#950) * v 1.6 * removed a known issue * removed references to CB, CBB * Latest changes for publish today (#949) --- .../manage-windows-updates-for-surface-hub.md | 3 +- devices/surface/ltsb-for-surface.md | 13 +- windows/deployment/deploy-whats-new.md | 369 +++++++++--------- windows/deployment/upgrade/setupdiag.md | 95 +++-- .../resolved-issues-windows-10-1607.yml | 8 +- .../resolved-issues-windows-10-1703.yml | 6 - .../resolved-issues-windows-10-1709.yml | 8 +- .../resolved-issues-windows-10-1803.yml | 18 +- ...indows-10-1809-and-windows-server-2019.yml | 2 + ...ndows-7-and-windows-server-2008-r2-sp1.yml | 19 +- ...windows-8.1-and-windows-server-2012-r2.yml | 16 +- ...esolved-issues-windows-server-2008-sp2.yml | 14 +- .../resolved-issues-windows-server-2012.yml | 16 +- ...indows-10-1607-and-windows-server-2016.yml | 4 +- .../status-windows-10-1709.yml | 4 +- .../status-windows-10-1803.yml | 8 +- ...indows-10-1809-and-windows-server-2019.yml | 4 +- .../status-windows-10-1903.yml | 4 +- ...ndows-7-and-windows-server-2008-r2-sp1.yml | 4 +- ...windows-8.1-and-windows-server-2012-r2.yml | 4 +- .../status-windows-server-2008-sp2.yml | 4 +- .../status-windows-server-2012.yml | 4 +- 22 files changed, 317 insertions(+), 310 deletions(-) diff --git a/devices/surface-hub/manage-windows-updates-for-surface-hub.md b/devices/surface-hub/manage-windows-updates-for-surface-hub.md index 01c378c14a..4535bd1f1b 100644 --- a/devices/surface-hub/manage-windows-updates-for-surface-hub.md +++ b/devices/surface-hub/manage-windows-updates-for-surface-hub.md @@ -10,7 +10,6 @@ ms.sitesec: library author: dansimp ms.author: dansimp ms.topic: article -ms.date: 06/20/2019 ms.localizationpriority: medium --- @@ -69,7 +68,7 @@ This table gives examples of deployment rings. | Deployment ring | Ring size | Servicing branch | Deferral for feature updates | Deferral for quality updates (security fixes, drivers, and other updates) | Validation step | | --------- | --------- | --------- | --------- | --------- | --------- | -| Preview (e.g. non-critical or test devices) | Small | Semi-annual channel (Targeted) | None. | None. | Manually test and evaluate new functionality. Pause updates if there are issues. | +| Preview (e.g. non-critical or test devices) | Small | Windows Insider Preview | None. | None. | Manually test and evaluate new functionality. Pause updates if there are issues. | | Release (e.g. devices used by select teams) | Medium | Semi-annual channel | None. | None. | Monitor device usage and user feedback. Pause updates if there are issues. | | Broad deployment (e.g. most of the devices in your organization) | Large | Semi-annual channel | 120 days after release. | 7-14 days after release. | Monitor device usage and user feedback. Pause updates if there are issues. | | Mission critical (e.g. devices in executive boardrooms) | Small | Semi-annual channel | 180 days after release (maximum deferral for feature updates). | 30 days after release (maximum deferral for quality updates). | Monitor device usage and user feedback. | diff --git a/devices/surface/ltsb-for-surface.md b/devices/surface/ltsb-for-surface.md index d7e5bdc7d7..225135d993 100644 --- a/devices/surface/ltsb-for-surface.md +++ b/devices/surface/ltsb-for-surface.md @@ -1,5 +1,5 @@ --- -title: Long-Term Servicing Branch for Surface devices (Surface) +title: Long-Term Servicing Channel for Surface devices (Surface) description: LTSB is not supported for general-purpose Surface devices and should be used for specialized devices only. ms.prod: w10 ms.mktglfcycl: manage @@ -8,26 +8,25 @@ ms.sitesec: library author: dansimp ms.author: dansimp ms.topic: article -ms.date: 04/25/2017 ms.reviewer: manager: dansimp --- -# Long-Term Servicing Branch (LTSB) for Surface devices +# Long-Term Servicing Channel (LTSC) for Surface devices >[!WARNING] >For updated information on this topic, see [Surface device compatibility with Windows 10 Long-Term Servicing Channel](surface-device-compatibility-with-windows-10-ltsc.md). For additional information on this update, see the [Documentation Updates for Surface and Windows 10 LTSB Compatibility](https://blogs.technet.microsoft.com/surface/2017/04/11/documentation-updates-for-surface-and-windows-10-ltsb-compatibility) post on the Surface Blog for IT Pros. -General-purpose Surface devices running Long-Term Servicing Branch (LTSB) are not supported. As a general guideline, if a Surface device runs productivity software, such as Microsoft Office, it is a general-purpose device that does not qualify for LTSB and should instead run Current Branch (CB) or Current Branch for Business (CBB). +General-purpose Surface devices in the Long-Term Servicing Channel (LTSC) are not supported. As a general guideline, if a Surface device runs productivity software, such as Microsoft Office, it is a general-purpose device that does not qualify for LTSC and should instead be on the Semi-Annual Channel. >[!NOTE] >For more information about the servicing branches, see [Overview of Windows as a service](https://technet.microsoft.com/itpro/windows/manage/waas-overview). -LTSB prevents Surface devices from receiving critical Windows 10 feature updates and certain non-security servicing updates. Customers with poor experiences using Surface devices in the LTSB configuration will be instructed to upgrade to CB or CBB. Furthermore, the Windows 10 Enterprise LTSB edition removes core features of Surface devices, including seamless inking and touch-friendly applications. It does not contain key in-box applications including Microsoft Edge, OneNote, Calendar or Camera. Therefore, productivity is impacted and functionality is limited. LTSB is not supported as a suitable servicing solution for general-purpose Surface devices. +LTSC prevents Surface devices from receiving critical Windows 10 feature updates and certain non-security servicing updates. Customers with poor experiences using Surface devices in the LTSC configuration will be instructed to switch to the Semi-Annual Channel. Furthermore, the Windows 10 Enterprise LTSB edition removes core features of Surface devices, including seamless inking and touch-friendly applications. It does not contain key in-box applications including Microsoft Edge, OneNote, Calendar or Camera. Therefore, productivity is impacted and functionality is limited. LTSC is not supported as a suitable servicing solution for general-purpose Surface devices. -General-purpose Surface devices are intended to run CB or CBB to receive full servicing and firmware updates and forward compatibility with the introduction of new Surface features. With CB, feature updates are available as soon as Microsoft releases them. Customers in the CBB servicing model receive the same build of Windows 10 as those in CB, at a later date. +General-purpose Surface devices are intended to run on the Semi-Annual Channel to receive full servicing and firmware updates and forward compatibility with the introduction of new Surface features. In the Semi-Annual Channel, feature updates are available as soon as Microsoft releases them. -Surface devices in specialized scenarios–such as PCs that control medical equipment, point-of-sale systems, and ATMs–may consider the use of LTSB. These special-purpose systems typically perform a single task and do not require feature updates as frequently as other devices in the organization. +Surface devices in specialized scenarios–such as PCs that control medical equipment, point-of-sale systems, and ATMs–might consider the use of LTSC. These special-purpose systems typically perform a single task and do not require feature updates as frequently as other devices in the organization. diff --git a/windows/deployment/deploy-whats-new.md b/windows/deployment/deploy-whats-new.md index 85ffed51b0..e32aae1631 100644 --- a/windows/deployment/deploy-whats-new.md +++ b/windows/deployment/deploy-whats-new.md @@ -1,184 +1,185 @@ ---- -title: What's new in Windows 10 deployment -ms.reviewer: -manager: laurawi -ms.author: greglin -description: Changes and new features related to Windows 10 deployment -keywords: deployment, automate, tools, configure, news -ms.mktglfcycl: deploy -ms.localizationpriority: medium -ms.prod: w10 -ms.sitesec: library -ms.pagetype: deploy -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# What's new in Windows 10 deployment - -**Applies to** -- Windows 10 - -## In this topic - -This topic provides an overview of new solutions and online content related to deploying Windows 10 in your organization. - -- For an all-up overview of new features in Windows 10, see [What's new in Windows 10](https://docs.microsoft.com/windows/whats-new/index). -- For a detailed list of changes to Windows 10 ITPro TechNet library content, see [Online content change history](#online-content-change-history). - -## Recent additions to this page - -[SetupDiag](#setupdiag) 1.4.1 is released.
-The [Windows ADK for Windows 10, version 1903](https://docs.microsoft.com/windows-hardware/get-started/adk-install) is available.
-New [Windows Autopilot](#windows-autopilot) content is available.
-[Windows 10 Subscription Activation](#windows-10-subscription-activation) now supports Windows 10 Education. - -## The Modern Desktop Deployment Center - -The [Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home) has launched with tons of content to help you with large-scale deployment of Windows 10 and Office 365 ProPlus. - -## Microsoft 365 - -Microsoft 365 is a new offering from Microsoft that combines -- Windows 10 -- Office 365 -- Enterprise Mobility and Security (EMS). - -See [Deploy Windows 10 with Microsoft 365](deploy-m365.md) for an overview, which now includes a link to download a nifty [M365 Enterprise poster](deploy-m365.md#m365-enterprise-poster). - -## Windows 10 servicing and support - -- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with System Center Configuration Manager content coming soon! -- [**Automatic Restart Sign-on (ARSO)**](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#automatic-restart-and-sign-on-arso-for-enterprises-build-18305): Windows will automatically logon as the user and lock their device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed. -- [**Windows Update for Business**](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523): There will now be a single, common start date for phased deployments (no more SAC-T designation). In addition, there will a new notification and reboot scheduling experience for end users, the ability to enforce update installation and reboot deadlines, and the ability to provide end user control over reboots for a specific time period. -- **Update rollback improvements**: You can now automatically recover from startup failures by removing updates if the startup failure was introduced after the installation of recent driver or quality updates. When a device is unable to start up properly after the recent installation of Quality of driver updates, Windows will now automatically uninstall the updates to get the device back up and running normally. -- **Pause updates**: We have extended the ability to pause updates for both feature and monthly updates. This extension ability is for all editions of Windows 10, including Home. You can pause both feature and monthly updates for up to 35 days (seven days at a time, up to five times). Once the 35-day pause period is reached, you will need to update your device before pausing again. -- **Improved update notifications**: When there’s an update requiring you to restart your device, you’ll see a colored dot on the Power button in the Start menu and on the Windows icon in your taskbar. -- **Intelligent active hours**: To further enhance active hours, users will now have the option to let Windows Update intelligently adjust active hours based on their device-specific usage patterns. You must enable the intelligent active hours feature for the system to predict device-specific usage patterns. -- **Improved update orchestration to improve system responsiveness**: This feature will improve system performance by intelligently coordinating Windows updates and Microsoft Store updates, so they occur when users are away from their devices to minimize disruptions. - -Microsoft previously announced that we are [extending support](https://www.microsoft.com/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop) for Windows 10 Enterprise and Windows 10 Education editions to 30 months from the version release date. This includes all past versions and future versions that are targeted for release in September (versions ending in 09, ex: 1809). Future releases that are targeted for release in March (versions ending in 03, ex: 1903) will continue to be supported for 18 months from their release date. All releases of Windows 10 Home, Windows 10 Pro, and Office 365 ProPlus will continue to be supported for 18 months (there is no change for these editions). These support policies are summarized in the table below. - -![Support lifecycle](images/support-cycle.png) - -## Windows 10 Enterprise upgrade - -Windows 10 version 1703 includes a Windows 10 Enterprise E3 and E5 benefit to Microsoft customers with Enterprise Agreements (EA) or Microsoft Products & Services Agreements (MPSA). These customers can now subscribe users to Windows 10 Enterprise E3 or E5 and activate their subscriptions on up to five devices. Virtual machines can also be activated. For more information, see [Windows 10 Enterprise Subscription Activation](windows-10-subscription-activation.md). - -Windows 10 Enterprise E3 launched in the Cloud Solution Provider (CSP) channel on September 1, 2016. Previously, only organizations with a Microsoft Volume Licensing Agreement could deploy Windows 10 Enterprise to their users. With Windows 10 Enterprise E3 in CSP, small and medium-sized organizations can more easily take advantage of Windows 10 Enterprise features. - -For more information, see [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md) - - -## Deployment solutions and tools - -### Windows Autopilot - -[Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot) streamlines and automates the process of setting up and configuring new devices, with minimal interaction required from the end user. You can also use Windows Autopilot to reset, repurpose and recover devices. - -The following Windows Autopilot features are available in Windows 10, version 1903 and later: - -- [Windows Autopilot for white glove deployment](https://docs.microsoft.com/windows/deployment/windows-autopilot/white-glove) is new in Windows 10, version 1903. "White glove" deployment enables partners or IT staff to pre-provision devices so they are fully configured and business ready for your users. -- The Intune [enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status) (ESP) now tracks Intune Management Extensions​. -- [Cortana voiceover](https://docs.microsoft.com/windows-hardware/customize/desktop/cortana-voice-support) and speech recognition during OOBE is disabled by default for all Windows 10 Pro Education, and Enterprise SKUs. -- Windows Autopilot is self-updating during OOBE. Starting with the Windows 10, version 1903 Autopilot functional and critical updates will begin downloading automatically during OOBE. -- Windows Autopilot will set the [diagnostics data](https://docs.microsoft.com/windows/privacy/windows-diagnostic-data) level to Full on Windows 10 version 1903 and later during OOBE. - -### Windows 10 Subscription Activation - -Windows 10 Education support has been added to Windows 10 Subscription Activation. - -With Windows 10, version 1903, you can step-up from Windows 10 Pro Education to the enterprise-grade edition for educational institutions – Windows 10 Education. For more information, see [Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation). - -### SetupDiag - -[SetupDiag](upgrade/setupdiag.md) is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. - -SetupDiag version 1.4.1 was released on 5/17/2019. - -### Upgrade Readiness - -The Upgrade Readiness tool moved from public preview to general availability on March 2, 2017. - -Upgrade Readiness helps you ensure that applications and drivers are ready for a Windows 10 upgrade. The solution provides up-to-date application and driver inventory, information about known issues, troubleshooting guidance, and per-device readiness and tracking details. - -The development of Upgrade Readiness has been heavily influenced by input from the community the development of new features is ongoing. To begin using Upgrade Readiness, add it to an existing Operation Management Suite (OMS) workspace or sign up for a new OMS workspace with the Upgrade Readiness solution enabled. - -For more information about Upgrade Readiness, see the following topics: - -- [Windows Analytics blog](https://aka.ms/blog/WindowsAnalytics/) -- [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) - - -### Update Compliance - -Update Compliance helps you to keep Windows 10 devices in your organization secure and up-to-date. - -Update Compliance is a solution built using OMS Logs and Analytics that provides information about installation status of monthly quality and feature updates. Details are provided about the deployment progress of existing updates and the status of future updates. Information is also provided about devices that might need attention to resolve issues. - -For more information about Update Compliance, see [Monitor Windows Updates with Update Compliance](update/update-compliance-monitor.md). - -### Device Health - -Device Health is the newest Windows Analytics solution that complements the existing Upgrade Readiness and Update Compliance solutions by helping to identify devices crashes and the cause. Device drivers that are causing crashes are identified along with alternative drivers that might reduce the number of crashes. Windows Information Protection misconfigurations are also identified. For more information, see [Monitor the health of devices with Device Health](update/device-health-monitor.md) - -### MBR2GPT - -MBR2GPT.EXE converts a disk from Master Boot Record (MBR) to GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. Previously, it was necessary to image, then wipe and reload a disk to change from MBR format to GPT. - -There are many benefits to converting the partition style of a disk to GPT, including the use of larger disk partitions, added data reliability, and faster boot and shutdown speeds. The GPT format also enables you to use the Unified Extensible Firmware Interface (UEFI) which replaces the Basic Input/Output System (BIOS) firmware interface. Security features of Windows 10 that require UEFI mode include: Secure Boot, Early Launch Anti-malware (ELAM) driver, Windows Trusted Boot, Measured Boot, Device Guard, Credential Guard, and BitLocker Network Unlock. - -For more information, see [MBR2GPT.EXE](mbr-to-gpt.md). - - -### Microsoft Deployment Toolkit (MDT) - -MDT build 8456 (12/19/2018) is available, including support for Windows 10, version 1809, and Windows Server 2019. - -For more information about MDT, see the [MDT resource page](https://docs.microsoft.com/sccm/mdt/). - - -### Windows Assessment and Deployment Kit (ADK) - -The Windows Assessment and Deployment Kit (Windows ADK) contains tools that can be used by IT Pros to deploy Windows. See the following topics: - -- [What's new in ADK kits and tools](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-kits-and-tools) -- [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md) - - -## Testing and validation guidance - -### Windows 10 deployment proof of concept (PoC) - -The Windows 10 PoC guide enables you to test Windows 10 deployment in a virtual environment and become familiar with deployment tools such as MDT and Configuration Manager. The PoC guide provides step-by-step instructions for installing and using Hyper-V to create a virtual lab environment. The guide makes extensive use of Windows PowerShell to streamline each phase of the installation and setup. - -For more information, see the following guides: - -- [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md) -- [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) -- [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md) - - -## Troubleshooting guidance - -[Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) was published in October of 2016 and will continue to be updated with new fixes. The topic provides a detailed explanation of the Windows 10 upgrade process and instructions on how to locate, interpret, and resolve specific errors that can be encountered during the upgrade process. - - -## Online content change history - -The following topics provide a change history for Windows 10 ITPro TechNet library content related to deploying and using Windows 10. - -[Change history for Deploy Windows 10](change-history-for-deploy-windows-10.md) -
[Change history for Access Protection](/windows/access-protection/change-history-for-access-protection) -
[Change history for Device Security](/windows/device-security/change-history-for-device-security) -
[Change history for Threat Protection](/windows/threat-protection/change-history-for-threat-protection) - - -## Related topics - -[Overview of Windows as a service](update/waas-overview.md) -
[Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md) -
[Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information) -
[Windows 10 Specifications & Systems Requirements](https://www.microsoft.com/en-us/windows/windows-10-specifications) -
[Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) -
[Windows 10 deployment tools](windows-deployment-scenarios-and-tools.md) +--- +title: What's new in Windows 10 deployment +ms.reviewer: +manager: laurawi +ms.author: greglin +description: Changes and new features related to Windows 10 deployment +keywords: deployment, automate, tools, configure, news +ms.mktglfcycl: deploy +ms.localizationpriority: medium +ms.prod: w10 +ms.sitesec: library +ms.pagetype: deploy +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# What's new in Windows 10 deployment + +**Applies to** +- Windows 10 + +## In this topic + +This topic provides an overview of new solutions and online content related to deploying Windows 10 in your organization. + +- For an all-up overview of new features in Windows 10, see [What's new in Windows 10](https://docs.microsoft.com/windows/whats-new/index). +- For a detailed list of changes to Windows 10 ITPro TechNet library content, see [Online content change history](#online-content-change-history). + +## Recent additions to this page + +[SetupDiag](#setupdiag) 1.6.0 is released.
+The [Windows ADK for Windows 10, version 1903](https://docs.microsoft.com/windows-hardware/get-started/adk-install) is available.
+New [Windows Autopilot](#windows-autopilot) content is available.
+[Windows 10 Subscription Activation](#windows-10-subscription-activation) now supports Windows 10 Education. + +## The Modern Desktop Deployment Center + +The [Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home) has launched with tons of content to help you with large-scale deployment of Windows 10 and Office 365 ProPlus. + +## Microsoft 365 + +Microsoft 365 is a new offering from Microsoft that combines +- Windows 10 +- Office 365 +- Enterprise Mobility and Security (EMS). + +See [Deploy Windows 10 with Microsoft 365](deploy-m365.md) for an overview, which now includes a link to download a nifty [M365 Enterprise poster](deploy-m365.md#m365-enterprise-poster). + +## Windows 10 servicing and support + +- [**Delivery Optimization**](https://docs.microsoft.com/windows/deployment/update/waas-delivery-optimization): Improved Peer Efficiency for enterprises and educational institutions with complex networks is enabled with of [new policies](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deliveryoptimization). This now supports Office 365 ProPlus updates, and Intune content, with System Center Configuration Manager content coming soon! +- [**Automatic Restart Sign-on (ARSO)**](https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#automatic-restart-and-sign-on-arso-for-enterprises-build-18305): Windows will automatically logon as the user and lock their device in order to complete the update, ensuring that when the user returns and unlocks the device, the update will be completed. +- [**Windows Update for Business**](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523): There will now be a single, common start date for phased deployments (no more SAC-T designation). In addition, there will a new notification and reboot scheduling experience for end users, the ability to enforce update installation and reboot deadlines, and the ability to provide end user control over reboots for a specific time period. +- **Update rollback improvements**: You can now automatically recover from startup failures by removing updates if the startup failure was introduced after the installation of recent driver or quality updates. When a device is unable to start up properly after the recent installation of Quality of driver updates, Windows will now automatically uninstall the updates to get the device back up and running normally. +- **Pause updates**: We have extended the ability to pause updates for both feature and monthly updates. This extension ability is for all editions of Windows 10, including Home. You can pause both feature and monthly updates for up to 35 days (seven days at a time, up to five times). Once the 35-day pause period is reached, you will need to update your device before pausing again. +- **Improved update notifications**: When there’s an update requiring you to restart your device, you’ll see a colored dot on the Power button in the Start menu and on the Windows icon in your taskbar. +- **Intelligent active hours**: To further enhance active hours, users will now have the option to let Windows Update intelligently adjust active hours based on their device-specific usage patterns. You must enable the intelligent active hours feature for the system to predict device-specific usage patterns. +- **Improved update orchestration to improve system responsiveness**: This feature will improve system performance by intelligently coordinating Windows updates and Microsoft Store updates, so they occur when users are away from their devices to minimize disruptions. + +Microsoft previously announced that we are [extending support](https://www.microsoft.com/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop) for Windows 10 Enterprise and Windows 10 Education editions to 30 months from the version release date. This includes all past versions and future versions that are targeted for release in September (versions ending in 09, ex: 1809). Future releases that are targeted for release in March (versions ending in 03, ex: 1903) will continue to be supported for 18 months from their release date. All releases of Windows 10 Home, Windows 10 Pro, and Office 365 ProPlus will continue to be supported for 18 months (there is no change for these editions). These support policies are summarized in the table below. + +![Support lifecycle](images/support-cycle.png) + +## Windows 10 Enterprise upgrade + +Windows 10 version 1703 includes a Windows 10 Enterprise E3 and E5 benefit to Microsoft customers with Enterprise Agreements (EA) or Microsoft Products & Services Agreements (MPSA). These customers can now subscribe users to Windows 10 Enterprise E3 or E5 and activate their subscriptions on up to five devices. Virtual machines can also be activated. For more information, see [Windows 10 Enterprise Subscription Activation](windows-10-subscription-activation.md). + +Windows 10 Enterprise E3 launched in the Cloud Solution Provider (CSP) channel on September 1, 2016. Previously, only organizations with a Microsoft Volume Licensing Agreement could deploy Windows 10 Enterprise to their users. With Windows 10 Enterprise E3 in CSP, small and medium-sized organizations can more easily take advantage of Windows 10 Enterprise features. + +For more information, see [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md) + + +## Deployment solutions and tools + +### Windows Autopilot + +[Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot) streamlines and automates the process of setting up and configuring new devices, with minimal interaction required from the end user. You can also use Windows Autopilot to reset, repurpose and recover devices. + +The following Windows Autopilot features are available in Windows 10, version 1903 and later: + +- [Windows Autopilot for white glove deployment](https://docs.microsoft.com/windows/deployment/windows-autopilot/white-glove) is new in Windows 10, version 1903. "White glove" deployment enables partners or IT staff to pre-provision devices so they are fully configured and business ready for your users. +- The Intune [enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status) (ESP) now tracks Intune Management Extensions​. +- [Cortana voiceover](https://docs.microsoft.com/windows-hardware/customize/desktop/cortana-voice-support) and speech recognition during OOBE is disabled by default for all Windows 10 Pro Education, and Enterprise SKUs. +- Windows Autopilot is self-updating during OOBE. Starting with the Windows 10, version 1903 Autopilot functional and critical updates will begin downloading automatically during OOBE. +- Windows Autopilot will set the [diagnostics data](https://docs.microsoft.com/windows/privacy/windows-diagnostic-data) level to Full on Windows 10 version 1903 and later during OOBE. + +### Windows 10 Subscription Activation + +Windows 10 Education support has been added to Windows 10 Subscription Activation. + +With Windows 10, version 1903, you can step-up from Windows 10 Pro Education to the enterprise-grade edition for educational institutions – Windows 10 Education. For more information, see [Windows 10 Subscription Activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation). + +### SetupDiag + +[SetupDiag](upgrade/setupdiag.md) is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. + +SetupDiag version 1.4.1 was released on 5/17/2019. + +### Upgrade Readiness + +The Upgrade Readiness tool moved from public preview to general availability on March 2, 2017. + +Upgrade Readiness helps you ensure that applications and drivers are ready for a Windows 10 upgrade. The solution provides up-to-date application and driver inventory, information about known issues, troubleshooting guidance, and per-device readiness and tracking details. + +The development of Upgrade Readiness has been heavily influenced by input from the community the development of new features is ongoing. To begin using Upgrade Readiness, add it to an existing Operation Management Suite (OMS) workspace or sign up for a new OMS workspace with the Upgrade Readiness solution enabled. + +For more information about Upgrade Readiness, see the following topics: + +- [Windows Analytics blog](https://aka.ms/blog/WindowsAnalytics/) +- [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) + + +### Update Compliance + +Update Compliance helps you to keep Windows 10 devices in your organization secure and up-to-date. + +Update Compliance is a solution built using OMS Logs and Analytics that provides information about installation status of monthly quality and feature updates. Details are provided about the deployment progress of existing updates and the status of future updates. Information is also provided about devices that might need attention to resolve issues. + +For more information about Update Compliance, see [Monitor Windows Updates with Update Compliance](update/update-compliance-monitor.md). + +### Device Health + +Device Health is the newest Windows Analytics solution that complements the existing Upgrade Readiness and Update Compliance solutions by helping to identify devices crashes and the cause. Device drivers that are causing crashes are identified along with alternative drivers that might reduce the number of crashes. Windows Information Protection misconfigurations are also identified. For more information, see [Monitor the health of devices with Device Health](update/device-health-monitor.md) + +### MBR2GPT + +MBR2GPT.EXE converts a disk from Master Boot Record (MBR) to GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. Previously, it was necessary to image, then wipe and reload a disk to change from MBR format to GPT. + +There are many benefits to converting the partition style of a disk to GPT, including the use of larger disk partitions, added data reliability, and faster boot and shutdown speeds. The GPT format also enables you to use the Unified Extensible Firmware Interface (UEFI) which replaces the Basic Input/Output System (BIOS) firmware interface. Security features of Windows 10 that require UEFI mode include: Secure Boot, Early Launch Anti-malware (ELAM) driver, Windows Trusted Boot, Measured Boot, Device Guard, Credential Guard, and BitLocker Network Unlock. + +For more information, see [MBR2GPT.EXE](mbr-to-gpt.md). + + +### Microsoft Deployment Toolkit (MDT) + +MDT build 8456 (12/19/2018) is available, including support for Windows 10, version 1809, and Windows Server 2019. + +For more information about MDT, see the [MDT resource page](https://docs.microsoft.com/sccm/mdt/). + + +### Windows Assessment and Deployment Kit (ADK) + +The Windows Assessment and Deployment Kit (Windows ADK) contains tools that can be used by IT Pros to deploy Windows. See the following topics: + +- [What's new in ADK kits and tools](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-kits-and-tools) +- [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md) + + +## Testing and validation guidance + +### Windows 10 deployment proof of concept (PoC) + +The Windows 10 PoC guide enables you to test Windows 10 deployment in a virtual environment and become familiar with deployment tools such as MDT and Configuration Manager. The PoC guide provides step-by-step instructions for installing and using Hyper-V to create a virtual lab environment. The guide makes extensive use of Windows PowerShell to streamline each phase of the installation and setup. + +For more information, see the following guides: + +- [Step by step guide: Configure a test lab to deploy Windows 10](windows-10-poc.md) +- [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) +- [Deploy Windows 10 in a test lab using System Center Configuration Manager](windows-10-poc-sc-config-mgr.md) + + +## Troubleshooting guidance + +[Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) was published in October of 2016 and will continue to be updated with new fixes. The topic provides a detailed explanation of the Windows 10 upgrade process and instructions on how to locate, interpret, and resolve specific errors that can be encountered during the upgrade process. + + +## Online content change history + +The following topics provide a change history for Windows 10 ITPro TechNet library content related to deploying and using Windows 10. + +[Change history for Deploy Windows 10](change-history-for-deploy-windows-10.md) +
[Change history for Access Protection](/windows/access-protection/change-history-for-access-protection) +
[Change history for Device Security](/windows/device-security/change-history-for-device-security) +
[Change history for Threat Protection](/windows/threat-protection/change-history-for-threat-protection) + + +## Related topics + +[Overview of Windows as a service](update/waas-overview.md) +
[Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md) +
[Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information) +
[Windows 10 Specifications & Systems Requirements](https://www.microsoft.com/en-us/windows/windows-10-specifications) +
[Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) +
[Windows 10 deployment tools](windows-deployment-scenarios-and-tools.md) diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index 355c0da246..b413218f3d 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -28,7 +28,8 @@ ms.topic: article ## About SetupDiag -Current version of SetupDiag: 1.5.0.0 +Current version of SetupDiag: 1.6.0.0 +>Always be sure to run the most recent version of SetupDiag, so that can access new functionality and fixes to known issues. SetupDiag is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. @@ -147,7 +148,6 @@ SetupDiag.exe /Output:C:\SetupDiag\Dumpdebug.log /LogsPath:D:\Dump ## Known issues 1. Some rules can take a long time to process if the log files involved are large. -2. If the failing computer is opted into the Insider program and getting regular pre-release updates, or an update is already pending on the computer when SetupDiag is run, it can encounter problems trying to open these log files. This will likely cause a failure to determine a root cause. In this case, try gathering the log files and running SetupDiag in offline mode. ## Sample output @@ -157,7 +157,7 @@ The following is an example where SetupDiag is run in offline mode. ``` D:\SetupDiag>SetupDiag.exe /output:c:\setupdiag\result.xml /logspath:D:\Tests\Logs\f55be736-beed-4b9b-aedf-c133536c946e /format:xml -SetupDiag v1.5.0.0 +SetupDiag v1.6.0.0 Copyright (c) Microsoft Corporation. All rights reserved. Searching for setup logs... @@ -318,55 +318,68 @@ Each rule name and its associated unique rule identifier are listed with a descr ## Release notes +08/08/2019 - SetupDiag v1.6.0.0 is released with 60 rules, as a standalone tool available from the Download Center. + - Log detection performance is improved. What used to take up to a minute should take around 10 seconds or less. + - Added Setup Operation and Setup Phase information to both the results log and the registry information. + - This is the last Operation and Phase that Setup was in when the failure occurred. + - Added detailed Setup Operation and Setup Phase information (and timing) to output log when /verbose is specified. + - Note, if the issue found is a compat block, no Setup Operation or Phase info exists yet and therefore won’t be available. + - Added more info to the Registry output. + - Detailed ‘FailureData’ info where available. Example: “AppName = MyBlockedApplication” or “DiskSpace = 6603” (in MB) + - “Key = Value” data specific to the failure found. + - Added ‘UpgradeStartTime’, ‘UpgradeEndTime’ and ‘UpgradeElapsedTime’ + - Added ‘SetupDiagVersion’, ‘DateTime’ (to indicate when SetupDiag was executed on the system), ‘TargetOSVersion’, ‘HostOSVersion’ and more… + + 06/19/2019 - SetupDiag v1.5.0.0 is released with 60 rules, as a standalone tool available from the Download Center. -- All date and time outputs are updated to localized format per user request. -- Added setup Operation and Phase information to /verbose log. -- Added last Setup Operation and last Setup Phase information to most rules where it make sense (see new output below). -- Performance improvement in searching setupact.logs to determine correct log to parse. -- Added SetupDiag version number to text report (xml and json always had it). -- Added "no match" reports for xml and json per user request. -- Formatted Json output for easy readability. -- Performance improvements when searching for setup logs; this should be much faster now. -- Added 7 new rules: PlugInComplianceBlock, PreReleaseWimMountDriverFound, WinSetupBootFilterFailure, WimMountDriverIssue, DISMImageSessionFailure, FindEarlyDownlevelError, and FindSPFatalError. See the [Rules](#rules) section above for more information. -- Diagnostic information is now output to the registry at **HKLM\SYSTEM\Setup\MoSetup\Volatile\SetupDiag** - - The **/AddReg** command was added to toggle registry output. This setting is off by default for offline mode, and on by default for online mode. The command has no effect for online mode and enables registry output for offline mode. - - This registry key is deleted as soon as SetupDiag is run a second time, and replaced with current data, so it’s always up to date. - - This registry key also gets deleted when a new update instance is invoked. - - For an example, see [Sample registry key](#sample-registry-key). + - All date and time outputs are updated to localized format per user request. + - Added setup Operation and Phase information to /verbose log. + - Added last Setup Operation and last Setup Phase information to most rules where it make sense (see new output below). + - Performance improvement in searching setupact.logs to determine correct log to parse. + - Added SetupDiag version number to text report (xml and json always had it). + - Added "no match" reports for xml and json per user request. + - Formatted Json output for easy readability. + - Performance improvements when searching for setup logs; this should be much faster now. + - Added 7 new rules: PlugInComplianceBlock, PreReleaseWimMountDriverFound, WinSetupBootFilterFailure, WimMountDriverIssue, DISMImageSessionFailure, FindEarlyDownlevelError, and FindSPFatalError. See the [Rules](#rules) section above for more information. + - Diagnostic information is now output to the registry at **HKLM\SYSTEM\Setup\MoSetup\Volatile\SetupDiag** + - The **/AddReg** command was added to toggle registry output. This setting is off by default for offline mode, and on by default for online mode. The command has no effect for online mode and enables registry output for offline mode. + - This registry key is deleted as soon as SetupDiag is run a second time, and replaced with current data, so it’s always up to date. + - This registry key also gets deleted when a new update instance is invoked. + - For an example, see [Sample registry key](#sample-registry-key). 05/17/2019 - SetupDiag v1.4.1.0 is released with 53 rules, as a standalone tool available from the Download Center. -- This release adds the ability to find and diagnose reset and recovery failures (Push Button Reset). + - This release dds the ability to find and diagnose reset and recovery failures (Push Button Reset). 12/18/2018 - SetupDiag v1.4.0.0 is released with 53 rules, as a standalone tool available from the Download Center. -- This release includes major improvements in rule processing performance: ~3x faster rule processing performance! - - The FindDownlevelFailure rule is up to 10x faster. -- New rules have been added to analyze failures upgrading to Windows 10 version 1809. -- A new help link is available for resolving servicing stack failures on the down-level OS when the rule match indicates this type of failure. -- Removed the need to specify /Mode parameter. Now if you specify /LogsPath, it automatically assumes offline mode. -- Some functional and output improvements were made for several rules. + - This release includes major improvements in rule processing performance: ~3x faster rule processing performance! + - The FindDownlevelFailure rule is up to 10x faster. + - New rules have been added to analyze failures upgrading to Windows 10 version 1809. + - A new help link is available for resolving servicing stack failures on the down-level OS when the rule match indicates this type of failure. + - Removed the need to specify /Mode parameter. Now if you specify /LogsPath, it automatically assumes offline mode. + - Some functional and output improvements were made for several rules. 07/16/2018 - SetupDiag v1.3.1 is released with 44 rules, as a standalone tool available from the Download Center. -- This release fixes a problem that can occur when running SetupDiag in online mode on a computer that produces a setupmem.dmp file, but does not have debugger binaries installed. + - This release fixes a problem that can occur when running SetupDiag in online mode on a computer that produces a setupmem.dmp file, but does not have debugger binaries installed. 07/10/2018 - SetupDiag v1.30 is released with 44 rules, as a standalone tool available from the Download Center. -- Bug fix for an over-matched plug-in rule. The rule will now correctly match only critical (setup failure) plug-in issues. -- New feature: Ability to output logs in JSON and XML format. - - Use "/Format:xml" or "/Format:json" command line parameters to specify the new output format. See [sample logs](#sample-logs) at the bottom of this topic. - - If the “/Format:xml” or “/Format:json” parameter is omitted, the log output format will default to text. -- New Feature: Where possible, specific instructions are now provided in rule output to repair the identified error. For example, instructions are provided to remediate known blocking issues such as uninstalling an incompatible app or freeing up space on the system drive. -- 3 new rules added: AdvancedInstallerFailed, MigrationAbortedDueToPluginFailure, DISMAddPackageFailed. + - Bug fix for an over-matched plug-in rule. The rule will now correctly match only critical (setup failure) plug-in issues. + - New feature: Ability to output logs in JSON and XML format. + - Use "/Format:xml" or "/Format:json" command line parameters to specify the new output format. See [sample logs](#sample-logs) at the bottom of this topic. + - If the “/Format:xml” or “/Format:json” parameter is omitted, the log output format will default to text. + - New Feature: Where possible, specific instructions are now provided in rule output to repair the identified error. For example, instructions are provided to remediate known blocking issues such as uninstalling an incompatible app or freeing up space on the system drive. + - 3 new rules added: AdvancedInstallerFailed, MigrationAbortedDueToPluginFailure, DISMAddPackageFailed. 05/30/2018 - SetupDiag v1.20 is released with 41 rules, as a standalone tool available from the Download Center. -- Fixed a bug in device install failure detection in online mode. -- Changed SetupDiag to work without an instance of setupact.log. Previously, SetupDiag required at least one setupact.log to operate. This change enables the tool to analyze update failures that occur prior to calling SetupHost. -- Telemetry is refactored to only send the rule name and GUID (or “NoRuleMatched” if no rule is matched) and the Setup360 ReportId. This change assures data privacy during rule processing. + - Fixed a bug in device install failure detection in online mode. + - Changed SetupDiag to work without an instance of setupact.log. Previously, SetupDiag required at least one setupact.log to operate. This change enables the tool to analyze update failures that occur prior to calling SetupHost. + - Telemetry is refactored to only send the rule name and GUID (or “NoRuleMatched” if no rule is matched) and the Setup360 ReportId. This change assures data privacy during rule processing. 05/02/2018 - SetupDiag v1.10 is released with 34 rules, as a standalone tool available from the Download Center. -- A performance enhancment has been added to result in faster rule processing. -- Rules output now includes links to support articles, if applicable. -- SetupDiag now provides the path and name of files that it is processing. -- You can now run SetupDiag by simply clicking on it and then examining the output log file. -- An output log file is now always created, whether or not a rule was matched. + - A performance enhancment has been added to result in faster rule processing. + - Rules output now includes links to support articles, if applicable. + - SetupDiag now provides the path and name of files that it is processing. + - You can now run SetupDiag by simply clicking on it and then examining the output log file. + - An output log file is now always created, whether or not a rule was matched. 03/30/2018 - SetupDiag v1.00 is released with 26 rules, as a standalone tool available from the Download Center. @@ -408,7 +421,7 @@ Refer to https://docs.microsoft.com/windows/deployment/upgrade/upgrade-error-cod ```xml - 1.5.0.0 + 1.6.0.0 FindSPFatalError A4028172-1B09-48F8-AD3B-86CDD7D55852 @@ -459,7 +472,7 @@ Refer to "https://docs.microsoft.com/windows/desktop/Debug/system-error-codes" f ``` { - "Version":"1.5.0.0", + "Version":"1.6.0.0", "ProfileName":"FindSPFatalError", "ProfileGuid":"A4028172-1B09-48F8-AD3B-86CDD7D55852", "SystemInfo":{ diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index bf1e899bff..08b49123c4 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -52,10 +53,7 @@ sections: - - -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system will stop working and a blue screen may appear at startup.

See details >		OS Build 14393.2879

March 19, 2019
KB4489889		Resolved
KB4493470		April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Resolved
KB4493470		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4489882		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 14393.2759

January 17, 2019
KB4480977		Resolved
KB4487006		February 19, 2019
02:00 PM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4493473		April 25, 2019
02:00 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		February 19, 2019
02:00 PM PT
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off.

See details >		OS Build 14393.2828

February 19, 2019
KB4487006		Resolved
KB4489882		March 12, 2019
10:00 AM PT
" @@ -82,6 +80,7 @@ sections: - type: markdown text: " + @@ -139,8 +138,6 @@ sections:
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
Internet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.

Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.

Back to top		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 26, 2019
04:58 PM PT
- -
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493470

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487026, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487026, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2791

February 12, 2019
KB4487026		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Issue hosting multiple terminal server sessions and a user logs off on Windows Server
In some cases, Windows Server will stop working and restart when hosting multiple terminal server sessions and a user logs off. The faulting driver is win32kbase.sys.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue is resolved in KB4489882.

Back to top		OS Build 14393.2828

February 19, 2019
KB4487006		Resolved
KB4489882		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
" @@ -152,7 +149,6 @@ sections: -
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480961, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493470.

Back to top		OS Build 14393.2724

January 08, 2019
KB4480961		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480961, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493470.

Back to top		OS Build 14393.2724

January 08, 2019
KB4480961		Resolved
KB4493470		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480977, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487006.

Back to top		OS Build 14393.2759

January 17, 2019
KB4480977		Resolved
KB4487006		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 17, 2019
02:00 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml index 89d2b4a9f4..22ddb295df 100644 --- a/windows/release-information/resolved-issues-windows-10-1703.yml +++ b/windows/release-information/resolved-issues-windows-10-1703.yml @@ -45,10 +45,7 @@ sections:
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 15063.1716

March 19, 2019
KB4489888Resolved
KB4493474April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 15063.1563

January 08, 2019
KB4480973Resolved
KB4493474April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 15063.1659

February 19, 2019
KB4487011Resolved
KB4489871March 12, 2019
10:00 AM PT -
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT -
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >OS Build 15063.1596

January 15, 2019
KB4480959Resolved
KB4487011February 19, 2019
02:00 PM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >OS Build 15063.1689

March 12, 2019
KB4489871Resolved
KB4493436April 25, 2019
02:00 PM PT -
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >OS Build 15063.1631

February 12, 2019
KB4487020Resolved
KB4487011February 19, 2019
02:00 PM PT " @@ -118,8 +115,6 @@ sections: - -
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493474

Back to top		OS Build 15063.1631

February 12, 2019
KB4487020		Resolved
KB4493474		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487011, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489871.

Back to top		OS Build 15063.1659

February 19, 2019
KB4487011		Resolved
KB4489871		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
After installing KB4487020, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487011.

Back to top		OS Build 15063.1631

February 12, 2019
KB4487020		Resolved
KB4487011		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487011.

Back to top		OS Build 15063.1631

February 12, 2019
KB4487020		Resolved
KB4487011		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -129,6 +124,5 @@ sections: text: " -
DetailsOriginating updateStatusHistory
MSXML6 may cause applications to stop responding
After installing KB4480973, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493474.

Back to top		OS Build 15063.1563

January 08, 2019
KB4480973		Resolved
KB4493474		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480959, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487011.

Back to top		OS Build 15063.1596

January 15, 2019
KB4480959		Resolved
KB4487011		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 876d623cf2..9bf77f7d45 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -46,9 +47,6 @@ sections: - - -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
August 09, 2019
07:03 PM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >		OS Build 16299.1059

March 19, 2019
KB4489890		Resolved
KB4493441		April 09, 2019
10:00 AM PT
MSXML6 causes applications to stop responding if an exception was thrown
MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Resolved
KB4493441		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4489886		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 16299.936

January 15, 2019
KB4480967		Resolved
KB4487021		February 19, 2019
02:00 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		February 19, 2019
02:00 PM PT
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >		OS Build 16299.1029

March 12, 2019
KB4489886		Resolved
KB4493441		April 09, 2019
10:00 AM PT
" @@ -75,6 +73,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
@@ -128,8 +127,6 @@ sections: - -
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493441

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4493441		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4486996, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489886.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4489886		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486996, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.967

February 12, 2019
KB4486996		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -139,6 +136,5 @@ sections: text: " -
DetailsOriginating updateStatusHistory
MSXML6 causes applications to stop responding if an exception was thrown
After installing KB4480978, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493441.

Back to top		OS Build 16299.904

January 08, 2019
KB4480978		Resolved
KB4493441		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480967, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487021.

Back to top		OS Build 16299.936

January 15, 2019
KB4480967		Resolved
KB4487021		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index c94998225d..b3059b9fe8 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -32,6 +32,8 @@ sections: - type: markdown text: " + + @@ -44,10 +46,7 @@ sections: - - -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
August 09, 2019
07:03 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >		OS Build 17134.677

March 19, 2019
KB4489894		Resolved
KB4493464		April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4493464		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 17134.590

February 12, 2019
KB4487017		Resolved
KB4489868		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 17134.590

February 12, 2019
KB4487017		Resolved
KB4487029		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 17134.556

January 15, 2019
KB4480976		Resolved
KB4487029		February 19, 2019
02:00 PM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493437		April 25, 2019
02:00 PM PT
Cannot pin a web link on the Start menu or the taskbar
Some users cannot pin a web link on the Start menu or the taskbar.

See details >		OS Build 17134.471

December 11, 2018
KB4471324		Resolved
KB4487029		February 19, 2019
02:00 PM PT
Stop error when attempting to start SSH from WSL
A stop error occurs when attempting to start Secure Shell from Windows Subsystem for Linux with agent forwarding using a command line switch (ssh –A) or a configuration setting.

See details >		OS Build 17134.648

March 12, 2019
KB4489868		Resolved
KB4493464		April 09, 2019
10:00 AM PT
" @@ -64,6 +63,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503286) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" @@ -73,6 +73,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
@@ -126,7 +127,6 @@ sections: -
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493464

Back to top		OS Build 17134.590

February 12, 2019
KB4487017		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487017, users may received \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489868.

Back to top		OS Build 17134.590

February 12, 2019
KB4487017		Resolved
KB4489868		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487017, Internet Explorer may fail to load images with a backslash (\\) in their relative source path. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.590

February 12, 2019
KB4487017		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -136,15 +136,5 @@ sections: text: " - -
DetailsOriginating updateStatusHistory
MSXML6 may cause applications to stop responding
After installing KB4480966, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493464

Back to top		OS Build 17134.523

January 08, 2019
KB4480966		Resolved
KB4493464		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
First character of the Japanese era name not recognized
After installing KB4480976, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.556

January 15, 2019
KB4480976		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
- " - -- title: December 2018 -- items: - - type: markdown - text: " - -
DetailsOriginating updateStatusHistory
Cannot pin a web link on the Start menu or the taskbar
After installing KB4471324, some users cannot pin a web link on the Start menu or the taskbar. 

Affected platforms:
  • Client: Windows 10, version 1803
  • Server: Windows Server, version 1803
Resolution: This issue is resolved in KB4487029

Back to top		OS Build 17134.471

December 11, 2018
KB4471324		Resolved
KB4487029		Resolved:
February 19, 2019
02:00 PM PT

Opened:
December 11, 2018
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index dc24852730..c70c55ae78 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -87,6 +88,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
August 09, 2019
07:03 PM PT
+
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 7135d3adff..b30db83a7d 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -40,17 +41,14 @@ sections: + - - - -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Resolved
KB4512514		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512506		Resolved
KB4517297		August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493472		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503292		Resolved External
August 09, 2019
07:03 PM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >		May 14, 2019
KB4499164		Resolved
KB4505050		May 18, 2019
02:00 PM PT
System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.

See details >		April 09, 2019
KB4493472		Resolved
May 14, 2019
01:23 PM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >		April 09, 2019
KB4493472		Resolved
May 14, 2019
01:22 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >		April 09, 2019
KB4493472		Resolved
May 14, 2019
01:21 PM PT
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.

See details >		March 12, 2019
KB4489878		Resolved
KB4499164		May 14, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		February 12, 2019
KB4486563		Resolved
KB4493472		April 09, 2019
10:00 AM PT
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >		April 09, 2019
KB4493472		Resolved
April 25, 2019
02:00 PM PT
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >		March 12, 2019
KB4489878		Resolved
KB4493472		April 09, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		March 12, 2019
KB4489878		Resolved
KB4493472		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		February 12, 2019
KB4486563		Resolved
KB4486565		February 19, 2019
02:00 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		February 12, 2019
KB4486563		Resolved
KB4486565		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		January 17, 2019
KB4480955		Resolved
KB4486565		February 19, 2019
02:00 PM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >		January 08, 2019
KB4480970		Resolved
KB4493472		April 09, 2019
10:00 AM PT
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >		October 18, 2018
KB4462927		Resolved
KB4489878		March 12, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >		January 08, 2019
KB4480970		Resolved
KB4490511		February 19, 2019
02:00 PM PT
" @@ -71,6 +69,15 @@ sections: " +- title: July 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503292 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512514.

Back to top		June 11, 2019
KB4503292		Resolved
KB4512514		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
+ " + - title: June 2019 - items: - type: markdown @@ -120,8 +127,6 @@ sections: text: " - -
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493472

Back to top		February 12, 2019
KB4486563		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4486563, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4486565.

Back to top		February 12, 2019
KB4486563		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -130,9 +135,7 @@ sections: - type: markdown text: " - -
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480955, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4486565.

Back to top		January 17, 2019
KB4480955		Resolved
KB4486565		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 17, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480970, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493472.

Back to top		January 08, 2019
KB4480970		Resolved
KB4493472		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480970, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490511.

Back to top		January 08, 2019
KB4480970		Resolved
KB4490511		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index 3c832e536c..cee285c22f 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -43,8 +44,6 @@ sections: - - @@ -52,7 +51,6 @@ sections: -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503276		Resolved
KB4512478		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512488		Resolved
KB4517298		August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493446		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503276		Resolved External
August 09, 2019
07:03 PM PT
System may be unresponsive after restart if ArcaBit antivirus software installed
Devices with ArcaBit antivirus software installed may become unresponsive upon restart.

See details >		April 09, 2019
KB4493446		Resolved
May 14, 2019
01:22 PM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >		April 09, 2019
KB4493446		Resolved
May 14, 2019
01:22 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >		April 09, 2019
KB4493446		Resolved
May 14, 2019
01:21 PM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		February 12, 2019
KB4487000		Resolved
KB4487016		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		January 15, 2019
KB4480969		Resolved
KB4487016		February 19, 2019
02:00 PM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		February 12, 2019
KB4487000		Resolved
KB4493446		April 09, 2019
10:00 AM PT
Devices may not respond at login or Welcome screen if running certain Avast software
Devices running Avast for Business, Avast CloudCare, and AVG Business Edition antivirus software may become unresponsive after restart.

See details >		April 09, 2019
KB4493446		Resolved
April 25, 2019
02:00 PM PT
Devices with winsock kernel client may receive error
Devices with a winsock kernel client may receive D1, FC, and other errors.

See details >		March 12, 2019
KB4489881		Resolved
KB4489893		March 19, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >		February 19, 2019
KB4487016		Resolved
KB4489881		March 12, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding.
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		January 08, 2019
KB4480963		Resolved
KB4493446		April 09, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >		January 08, 2019
KB4480963		Resolved
KB4493446		April 09, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >		January 08, 2019
KB4480963		Resolved
KB4490512		February 19, 2019
02:00 PM PT
" @@ -73,6 +71,15 @@ sections: " +- title: July 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503276 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512478.

Back to top		June 11, 2019
KB4503276		Resolved
KB4512478		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
+ " + - title: June 2019 - items: - type: markdown @@ -122,7 +129,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Internet Explorer may fail to load images
After installing KB4487000, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1 
Resolution: This issue is resolved in KB4487016.

Back to top		February 12, 2019
KB4487000		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493446.

Back to top		February 12, 2019
KB4487000		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487016, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue is resolved in KB4489881.

Back to top		February 19, 2019
KB4487016		Resolved
KB4489881		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 19, 2019
02:00 PM PT
@@ -133,9 +139,7 @@ sections: - type: markdown text: " - -
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480969, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4487016.

Back to top		January 15, 2019
KB4480969		Resolved
KB4487016		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding.
After installing KB4480963, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480963, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493446.

Back to top		January 08, 2019
KB4480963		Resolved
KB4493446		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480963, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490512.

Back to top		January 08, 2019
KB4480963		Resolved
KB4490512		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index 8ca80054e9..df7f82cfb2 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -39,10 +40,8 @@ sections: - -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503273		Resolved
KB4512499		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512476		Resolved
KB4517301		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503273		Resolved External
August 09, 2019
07:03 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		June 11, 2019
KB4503273		Resolved
KB4503271		June 20, 2019
02:00 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >		April 09, 2019
KB4493471		Resolved
May 14, 2019
01:19 PM PT
Authentication may fail for services after the Kerberos ticket expires
Authentication may fail for services that require unconstrained delegation after the Kerberos ticket expires.

See details >		March 12, 2019
KB4489880		Resolved
KB4499149		May 14, 2019
10:00 AM PT
NETDOM.EXE fails to run
NETDOM.EXE fails to run and the error, “The command failed to complete successfully.” appears on screen.

See details >		March 12, 2019
KB4489880		Resolved
KB4493471		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		February 12, 2019
KB4487023		Resolved
KB4487022		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		January 17, 2019
KB4480974		Resolved
KB4489880		March 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		February 12, 2019
KB4487023		Resolved
KB4493471		April 09, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >		January 08, 2019
KB4480968		Resolved
KB4490514		February 19, 2019
02:00 PM PT
" @@ -63,6 +62,15 @@ sections: " +- title: July 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503273 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512499.

Back to top		June 11, 2019
KB4503273		Resolved
KB4512499		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
+ " + - title: June 2019 - items: - type: markdown @@ -97,7 +105,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487022.

Back to top		February 12, 2019
KB4487023		Resolved
KB4487022		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4493471.

Back to top		February 12, 2019
KB4487023		Resolved
KB4493471		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
" @@ -108,6 +115,5 @@ sections: text: " -
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480974, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489880.

Back to top		January 17, 2019
KB4480974		Resolved
KB4489880		Resolved:
March 12, 2019
10:00 AM PT

Opened:
January 17, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480968, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, “Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).”

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490514.

Back to top		January 08, 2019
KB4480968		Resolved
KB4490514		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index 7725b0bf92..4bd64240b8 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -42,13 +43,10 @@ sections: - - -
SummaryOriginating updateStatusDate resolved
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503285		Resolved
KB4512512		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512518		Resolved
KB4517302		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503285		Resolved External
August 09, 2019
07:03 PM PT
Some devices and generation 2 Hyper-V VMs may have issues installing updates
Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.

See details >		June 11, 2019
KB4503285		Resolved
KB4503295		June 21, 2019
02:00 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel.

See details >		April 25, 2019
KB4493462		Resolved
KB4499171		May 14, 2019
10:00 AM PT
System unresponsive after restart if Sophos Endpoint Protection installed
Devices with Sophos Endpoint Protection installed and managed by Sophos Central or Sophos Enterprise Console (SEC) may become unresponsive upon restart.

See details >		April 09, 2019
KB4493451		Resolved
May 14, 2019
01:21 PM PT
System may be unresponsive after restart if Avira antivirus software installed
Devices with Avira antivirus software installed may become unresponsive upon restart.

See details >		April 09, 2019
KB4493451		Resolved
May 14, 2019
01:19 PM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		February 12, 2019
KB4487025		Resolved
KB4487024		February 19, 2019
02:00 PM PT
First character of the Japanese era name not recognized as an abbreviation
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		January 15, 2019
KB4480971		Resolved
KB4487024		February 19, 2019
02:00 PM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		February 12, 2019
KB4487025		Resolved
KB4493451		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

See details >		February 12, 2019
KB4487025		Resolved
KB4489891		March 12, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
Internet Explorer 11 users may encounter issues if two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine.

See details >		January 08, 2019
KB4480975		Resolved
KB4493451		April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		January 08, 2019
KB4480975		Resolved
KB4493451		April 09, 2019
10:00 AM PT
Virtual machines fail to restore
Virtual machines (VMs) may fail to restore successfully if the VM has been saved and restored once before.

See details >		January 08, 2019
KB4480975		Resolved
KB4490516		February 19, 2019
02:00 PM PT
Event Viewer may not show some event descriptions for network interface cards
The Event Viewer may not show some event descriptions for network interface cards (NIC).

See details >		September 11, 2018
KB4457135		Resolved
KB4489891		March 12, 2019
10:00 AM PT
" @@ -70,6 +68,15 @@ sections: " +- title: July 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503285 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512512.

Back to top		June 11, 2019
KB4503285		Resolved
KB4512512		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
+ " + - title: June 2019 - items: - type: markdown @@ -115,7 +122,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		February 12, 2019
KB4487025		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color.

Affected platforms 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493451.

Back to top		February 12, 2019
KB4487025		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487025, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489891.

Back to top		February 12, 2019
KB4487025		Resolved
KB4489891		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
@@ -126,10 +132,8 @@ sections: - type: markdown text: " - -
DetailsOriginating updateStatusHistory
First character of the Japanese era name not recognized as an abbreviation
After installing KB4480971, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4487024.

Back to top		January 15, 2019
KB4480971		Resolved
KB4487024		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 15, 2019
10:00 AM PT
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480975, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to:
  • Cache size and location show zero or empty.
  • Keyboard shortcuts may not work properly.
  • Webpages may intermittently fail to load or render correctly.
  • Issues with credential prompts.
  • Issues when downloading files.
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4493451.

Back to top		January 08, 2019
KB4480975		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480975, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4493451.

Back to top		January 08, 2019
KB4480975		Resolved
KB4493451		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Virtual machines fail to restore
After installing KB4480975, virtual machines (VM) may fail to restore successfully if the VM has been saved and restored once before. The error message is, \"Failed to restore the virtual machine state: Cannot restore this virtual machine because the saved state data cannot be read. Delete the saved state data and then try to start the virtual machine. (0xC0370027).\"

This affects AMD Bulldozer Family 15h, AMD Jaguar Family 16h, and AMD Puma Family 16h (second generation) microarchitectures.

Affected platforms: 
  • Client: Windows 8.1; Windows 7 SP1 
  • Server: Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4490516.

Back to top		January 08, 2019
KB4480975		Resolved
KB4490516		Resolved:
February 19, 2019
02:00 PM PT

Opened:
January 08, 2019
10:00 AM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 4a6c046585..cca3c91d12 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,13 +60,13 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - @@ -96,10 +96,10 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Investigating
August 01, 2019
05:00 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		July 16, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
July 10, 2019
07:09 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
+ -
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
Internet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.

Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.

Back to top		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 26, 2019
04:58 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 22dc09d48a..9fa8392574 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,10 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
August 09, 2019
07:03 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Mitigated
July 10, 2019
07:09 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
" @@ -90,9 +90,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index a0e9fb7109..c9f0739b5a 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -65,10 +65,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + + -
SummaryOriginating updateStatusLast updated
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17134.950

August 13, 2019
KB4512501		Investigating
August 17, 2019
01:37 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
August 09, 2019
07:03 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
July 10, 2019
07:09 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
@@ -86,7 +86,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Microsoft is working on a resolution and estimates a solution will be available over the coming days.

The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive this update once it is released and install it.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17134.950

August 13, 2019
KB4512501		Investigating
Last updated:
August 17, 2019
01:37 PM PT

Opened:
August 14, 2019
03:34 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503286) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" @@ -96,9 +96,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 9be5808d94..4c3dfc4364 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -64,11 +64,11 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - @@ -98,9 +98,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 17763.55

October 09, 2018
KB4464330		Investigating
August 01, 2019
05:00 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
July 10, 2019
07:09 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
June 14, 2019
04:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17763.253

January 08, 2019
KB4480116		Mitigated
April 09, 2019
10:00 AM PT
+ -
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 1039a0f7f1..1d23df7da7 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,7 +65,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -96,7 +96,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Investigating
August 17, 2019
01:38 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Investigating
August 17, 2019
01:49 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 16, 2019
04:28 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
August 09, 2019
07:03 PM PT
- +
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Microsoft is working on a resolution and estimates a solution will be available late August. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive the update once it is released.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 18362.295

August 13, 2019
KB4512508		Investigating
Last updated:
August 17, 2019
01:38 PM PT

Opened:
August 14, 2019
03:34 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Next steps: Microsoft is working on a resolution and estimates a solution will be available late August. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive the update once it is released.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 18362.295

August 13, 2019
KB4512508		Investigating
Last updated:
August 17, 2019
01:49 PM PT

Opened:
August 14, 2019
03:34 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
August 16, 2019
04:28 PM PT

Opened:
August 16, 2019
01:41 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 32a79ba231..15f5bd4ccc 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,12 +60,12 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Resolved
KB4512514		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512506		Resolved
KB4517297		August 16, 2019
02:00 PM PT
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.

See details >		August 13, 2019
KB4512506		Mitigated
August 17, 2019
12:59 PM PT
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows udates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >		August 13, 2019
KB4512506		Investigating
August 16, 2019
04:28 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493472		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503292		Resolved External
August 09, 2019
07:03 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Mitigated
July 10, 2019
02:59 PM PT
" @@ -93,7 +93,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503292 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server, set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.

Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  2. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		June 11, 2019
KB4503292		Mitigated
Last updated:
July 10, 2019
02:59 PM PT

Opened:
July 10, 2019
02:51 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503292 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512514.

Back to top		June 11, 2019
KB4503292		Resolved
KB4512514		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 9d7b7f6c5a..3efbd362b4 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -60,10 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503276		Resolved
KB4512478		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512488		Resolved
KB4517298		August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493446		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503276		Resolved External
August 09, 2019
07:03 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503276		Mitigated
July 10, 2019
07:09 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >		April 25, 2019
KB4493443		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
@@ -91,7 +91,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503276 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		June 11, 2019
KB4503276		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503276 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512478.

Back to top		June 11, 2019
KB4503276		Resolved
KB4512478		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index b8b9bb20a0..d1010bdae7 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503273		Resolved
KB4512499		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512476		Resolved
KB4517301		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503273		Resolved External
August 09, 2019
07:03 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503273		Mitigated
July 10, 2019
02:59 PM PT
" @@ -88,6 +88,6 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503273 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server, set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.

Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  2. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		June 11, 2019
KB4503273		Mitigated
Last updated:
July 10, 2019
02:59 PM PT

Opened:
July 10, 2019
02:51 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503273 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512499.

Back to top		June 11, 2019
KB4503273		Resolved
KB4512499		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index df2dfdfbe6..055acb57ff 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503285		Resolved
KB4512512		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512518		Resolved
KB4517302		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503285		Resolved External
August 09, 2019
07:03 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503285		Mitigated
July 10, 2019
07:09 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >		April 25, 2019
KB4493462		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480975		Mitigated
April 25, 2019
02:00 PM PT
@@ -90,7 +90,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503285 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Workaround:
To mitigate this issue on an SCCM server:
  1. Verify Variable Window Extension is enabled.
  2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

To mitigate this issue on a WDS server without SCCM:
  1. In WDS TFTP settings, verify Variable Window Extension is enabled.
  2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
  3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		June 11, 2019
KB4503285		Mitigated
Last updated:
July 10, 2019
07:09 PM PT

Opened:
July 10, 2019
02:51 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503285 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512512.

Back to top		June 11, 2019
KB4503285		Resolved
KB4512512		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
" From d1c05ca3a01c8bd0fac61c69f679f55cb33dce24 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Tue, 20 Aug 2019 12:32:51 -0700 Subject: [PATCH 014/113] Merge from master to live (#956) * safety checkin * added location for group policy object * replaced reboot w/ restart * safety commit for some initial noodlings * restructured to emphasize new policy; connected to TOC * adjusting heading levels * fixing tables * Latest change for August 20 (#955) --- windows/deployment/TOC.md | 1 + .../wufb-pastdeadline-restart-warning.png | Bin 0 -> 52613 bytes .../images/wufb-pastdeadline-restartnow.png | Bin 0 -> 23060 bytes .../images/wufb-restart-imminent-warning.png | Bin 0 -> 41159 bytes .../images/wufb-update-deadline-warning.png | Bin 0 -> 31090 bytes .../update/wufb-compliancedeadlines.md | 273 +++++++++++------- .../status-windows-10-1903.yml | 4 +- 7 files changed, 176 insertions(+), 102 deletions(-) create mode 100644 windows/deployment/update/images/wufb-pastdeadline-restart-warning.png create mode 100644 windows/deployment/update/images/wufb-pastdeadline-restartnow.png create mode 100644 windows/deployment/update/images/wufb-restart-imminent-warning.png create mode 100644 windows/deployment/update/images/wufb-update-deadline-warning.png diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index cc903e11ec..2ac2f8253f 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -249,6 +249,7 @@ ### Use Windows Update for Business #### [Deploy updates using Windows Update for Business](update/waas-manage-updates-wufb.md) #### [Configure Windows Update for Business](update/waas-configure-wufb.md) +#### [Enforcing compliance deadlines for updates](update/wufb-compliancedeadlines.md) #### [Integrate Windows Update for Business with management solutions](update/waas-integrate-wufb.md) #### [Walkthrough: use Group Policy to configure Windows Update for Business](update/waas-wufb-group-policy.md) #### [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure) diff --git a/windows/deployment/update/images/wufb-pastdeadline-restart-warning.png b/windows/deployment/update/images/wufb-pastdeadline-restart-warning.png new file mode 100644 index 0000000000000000000000000000000000000000..984afea6ed65d637c32d8e1e02698bf706241616 GIT binary patch literal 52613 zcmV)@K!LxBP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D%^FEWK~#8N?EMFL zR@aq14y)6_y~QndoH&kq+#6NBqC)SzH}&3o7eW;w2?-&(5Fh~(UG(0&G1vxoJ8|0l zzL{CyTIWR$ahOT|6K2MqpyxS{-uJ%up0dy0Yp;FoDOR}t_wWDy@7F)w{=5Bm`|tMO z?Y|%T-@pIczg_F6Q_Dz8t zh^pEQt6vAhs&DM=bUWQnx6|$PLrkxS;`P}J1l$I<_4gM*p1gQFtorcA{^_^V?Q}cc zPPfw!F*zlmU*sYIx4~`w-3Id8>2|uEZl@npx((#F)9rLS-A+I9bQ{QTr`zdvx}ARH z={AtxPPfzTbUXdX(`_LCF{HGcT)Ular`zdvx}I(cko#mXWx~prsedM{ebQkq@Zo=b zx9Xq8#Cy#B`mby4-`nrG@%xWIS^K2@IT;{U`!X!D;kBDRb7Rtdmd|>Q^7GZR7MWW2 zPc_%ADfjmL{#;Ib`pf)&Ea|(psIA|-cH@0N{$$a2>+fCv^Y_1P50<|F&wu-V{(qe; zdU<1c-#vTNy#Mlki_YEbzW1NL>{eQ{h2bgXRBhP`2S3a!# z<}&5N);k3@z6ln=^yhW|Lf#`VXQ%t-@E(5We;c0^-otBt1^g}hdS3q*QW|X8HhZ5$ z*n20koyojrQ5dz^j^FLcdOtWFzKaPN&16!|b*n6e24Cd*b z#4?lkOcI}AdA>g~g}m;R?7WlNPPHZFyWjNLj&1vk`+w9)x*+nBPJK{6S#&}DZTYTy zEWiI}$=)js4(xyPjQZPG`XaqaHP;=yWq&t+_Rp!kE*3DepDTk1ZC&q=A62>) zKyFPo?%L&}Bn!dZqy*EqNeoQ7( z%b?@WB(Tf&6cO{9t`lf)_S|12Mbb*94$8}-d+q5ju73w`?fsHwh>D2GU*-GXkSuyG zlEg%!V{CxJ{Z>W%9_lo=4(Mp7{}^TLI)Y6ly0=3u_Ylv=M+1 zylp5nu|)~^&xUAW9RfK6XiS#h+Lh%0LZWgQCT#(3i;-HC-;&y|-|X4;MB}7fI(Wq! z`8m*F?D^l?H=nXjpsXn~e=-Vx=I5{SEXF8cxAD$0Y+e6vp7#$h8Kxv=WC0B$C$`lj zBeU<_|07Sv;ToM+zp0^iSfwR8b6~P#5-^$Tet%E@TY%aE<~K{s zgVCSz6zB>3?3gV7(@e54{q^6UgfI4tN;@cdCD0}Wydp5|Hukq{O5`f}hCC7}v+H@7 zHvD~g{2ztl_Jul(d3uIq05@Ph$!OaC}{Y4|JIuwvshzN`O# zZ?X_T%7)}nAa2MFlc~StXogH~{%m{tejXkEA`d=q`s3!${-D!84&)Z_5D;seR^w_$ z82&}Po(l&u3pcJpVyOMWzHpFE>*w!R6l_hh8wM|lP0^I9&iF<&}KD`)nN2Y(mCGa;^JJkt!d z{0}juTairvyT?;TF?3XnLfGzhaM5r7mxfj}M4<6p(`LON@*rqaKkW27ZNiqiqxT^< zd-lfU;Khj7gTUmQ#%B_lPYmr$?@?%TboL#*HH>icXWP?v0 zhTU6|hHOOEM8*s`(^$Cy`y`PAY+6giHcxcM6uz$Ya}SoKB#`-)x*iVbwQ?ibv(}oohPe z&rCr7zn|}qGf62djLPEV?A>GV(-CR-`M4|^AEOg*8h|mLn?G-o8JeNOkqyZKYPd?u zE3mWiEi`QV4l;?SM`z={K{RAfMnihZDW_>(cB=dz5BS-T<=r(X13w?1i>}_WjN~+= zB#==^t#DXvyZN&}wj?KSPawAuIC^K}o*^0d#pq;oWuIA_{w7GVKmS$~BIjo3OCa}% zLpK8XljHJm|6uAH9lVW~#;*T%l-vGN(_(+rIg&5~lBxrrxACMyagXM8-lL&B5idWH z5jrBh{PZXA{T)pBA5CV=--C7VVtE0jER*;_n-H6}FzV~|zsa-h$>iawJXl|ohbCd@ zy@G|^n<3%9k;e}<{o_C`_Q?(n5Qr0a+*0vw(sBgVZbla`DgX`C%8%^aB@XXQO+j!? z3pxzcuuG9qAa#NzocWOo@FvMb9qlYZ%HbT1?41`-ed=S_x@*RX?vv8|^|S5CGUJEO zOLj7DKGTIP=&^y(WM5Q7_jEioGzU!|e~STy8`+W31b7*)%4IU3uFp5m{|A>Gqv2Dq z3C&;q3mzOsgCjGyjJ;Z34qN2;y=Q);NkFb>N-wLe+|n_kqy?KUe};SgX=h$!i3CPt z7k|sy`%_MS)DzcOJP?qM)=z$q@fB^b?iB`GKiVaKzv*)~q`v}kCIjSNDQ4KAyI&k0 z8WM|+0&cNyf6Xw{%R<$kePU*>{P)|g>UiJ46m*gE@FC8~E?BMz({~_jhIwxOy!1$s z$Gyy>8y%6gH%X*M4Jhk&X8*VI_yMPX6v!nUGaYUKzstip$K&PcnYjA@{uTX`t7)K7 zysrqhj^S8;;ykK%9D%i)6sH7s?vd!^8f;j}cV1n_>#5GVL5cO*ODtApP}pAluJJkj zX9#(7h39>`N53oS`5S-NZ#T>1#%ENXDObN;Hwt}k|6TXCUpM((zt@8xs(kxX=@~j( zdnDqyX>;+?ta)TwWH@>u#jyChe3aVjrwE3hZQWwX9(b=`39nPG1nQTk<)h{JMRb+Z z^vE!V_UowScwk}~%WfZ2WxirA?#z#2x8>UPWZKJXs$+Y(rVTgTb7L}Xx}J2eo|F9l z>iO$3Xix1jYA>t3Z8v^yPuH(mQ(pHD%fl;?OVF9dY2zswG6L}-PXtEcjJBE&-eS+^toML%Jas1+vTJ@J=nM2Y+JuX zj4NJ?L!W+)pZJBFezg%RR^Q7GOda@)>egP*>-iZ+uf%&g5R6`ns>g#P^QmK+F(yE! zO|`ef(X9F>8d_|7a3=nh_Qnr%3gCYv3eWI_MAmW7uHR7>o?EbYwZzlX@mMk z!!O_0fg6*N`StQ{?6Y<`eZa$XKWh3PbN57=t_gsa$SS@M7l8$iq1Zw$71k zUk17k%)q??Q7kta5A~16{az8clg`jKfQsal$U4R2LH|%Z;1gzPhj%7AyUvDxXco?W z@-?0u5|8^lqR_=VmURq*9m8;Ig}pvBGM0IlZz6uuKNj89W)~)J&F{}g2ZrC>*j_8Q zc-%E00r&Thg0&(9D!jF3IItYCF|i+O%HP2^6Am6>4Ap~ipMNwuljRu);l^kE5^%5P zth=&L+yxx$L-m78GCHze53+roHI>UHiL&7{1ScCt79DxbM*Y~IM#M5~{Ma`BZYSea z-ei{=W)YxtBn!87i9!$m1a$MKuE`kLp04bR`~9PEm#5^TG1BWZCtT9doo#%8fY^gf z(nKU;Uy2&NvtZ9UcK79V4_?z$M*|v~kDY){1K4(r%R8yw@p#xj0(Vm{tlR{qmKj)G zykgN=G8YSG-K{+fU`K#;2w=U)&@{m={l4wAj1R_7FS z_m0MW1Cr5!k;m}72JHIy3q0x{#{OVl?yQ$b9PS;Ih`ZR2RxXj|dS`z|dWHm~!p2*( z!zfSc+kHONOUc!&DJg>59D z*;5vF0%kw03!$8yf>5-6KQ^8D5Ks6;P%qh^{i$QFxs*`~9_t^32Ye+XwVCyyEYuGg z!Z2g%Y`5&WqwKzw%+4;yz5OOo@AO`Y{jV`{6Y&YeHQZ~#wjWjc$AO$lvm>ND>^ysYcFw?K z;|p=|kAK9#xJt9>`SL>-5x;B;tlka8!^87Y+IAMLm#$&knGdk?{AX~As)5xzA^63F zLaaFVDP9YyfwdzQ*g2d`vE_g z2!;yvXb4Y_&O-Ix^H_KBGpspx4UOkMhI0h#(uaay}qWObsNL{rDchGoi z+K!`NFpaZM41qcuF{_UAzN^@H`Z8KR_!QI1TByu49LEIs7pz6o{xe8v*oUR(uMs>x zLq_vqbfw(Her(A`Z0Q6Y1gd@0;g`Asi*_ADUfU7u`0#V|iL60avc23*C$RZE%Xt4Y z6t`U@aK^!gPE*mCPs%d1Ui=hIXFtSZwlA-79|~KK(Rs(iIc+`a4__pJQJ)Aj*8QU4 z7*UGS9mm)^~Z^Q9MZJU2*sd2D6W?`m#UhtfrQ4#-_^_S+!mH1m5|rw6R3IHm!`dbDnzq z5n3;Qi8%|mp@Ul>x{w@nl%oisJ<*}gtlf%Fzy2LQ|Mm~q#rlpaScjmcKUS1M2Q%zK{RyDVJYwdQ`4g0X|%4e8dy%9OorLX?< z|HJ;PUt-Ov5Aa6FBI;}$9ZkH22>h6bc>nP+aw@f6G{{5xX&!49lYk=}nHzRv#i2_W z7*>P>1fRPHWudD}EY=@8kF_T*QUV*IhJJXQXxC^`Kbnfmm1&=fT7w44Yg%Md8mDzx6{|dOJR?$g? zVcOiam{71BkBlnBYcq0i=%Y{JoxBVkJ+d$|a~;lI`wVYI6ykv~1!PD`I84CkpHK^{ zH)bMv$tIlp_$vH^vhduvx$uuI$C=MQ$Bg18SiLn3=!NGvS&zduL!AUA|~anF!#qSZo|t{O7KuX3aVR=W9`9ncxh@Ho|~MGwI|P` zpm`sx-V8z?I^#>f{}Y1d)!>&SQ{WL>g|B}9M;xM4vU+Pa#ulx?l`p=+PX$>03kZa> zF)=0|n=V|1ZNHg#eoPW}ef?WJH7pTbdrzj(euN`m{0qDz3h>LJvFH_4j?iSh&yLN+W5beh`isxu7gKCt%jX9XN31 zbKIrKL^DGAOh?X=X6(826&(5n<0t;J@W~&(#SRjacjuJiiAkkor*jPx)^LfHYdYQy zEX1X+zQ(N5HF$nx5`2TwsYhSnz}4TNyH_;s@{Yo`OP^qV>n=PuCK-L^RN>SozlDE# zHF|~>swZ z7x2#H95U*7^a&}(l`p@r3;mL_5cw!jA{=j9Fw$M?$ zHJQ)ngJxxj&KuJT@z}_0JU^5&y7VDtRcyk~#}%RbAd(3$%R4QzrbQ9G@a(2I_XAJ2 z3dpspP~&)Z3}HKH%#23z*!XnpzxFjg{o*$Wo!>~HN+I)Zz=dm9aqmDr+l!%)V<;M3un8+;Lv9VHlFwx>1z+Op0kj!au-?;UxI@h^KqxF7-`r$hF~kN zC9I^3`^Auv)5*L$lSUeW7pBdJV^B8Q&YVZqx}Cf}1FuaXu#;_TD8i}_ft;*s@A)g} z7rF@d49vvQYhR&%R52ZgK#I=volwjuS&i+dKjiaM$sU_<{FC3Kn}%U}vYl_wKt0)9 z&E89ld?KjS>_7IQt@^ch5+=`GjT09?#GTH%HyE!@FU5z9G@j}oLFY9RRxb~MS70ug z>nG^o9EtL6r;)c#{W1wQj=}sNhQPA5*md#>??xs>(i)vuTzF(o>pEY0|5dhP3M!$qu@$lIK?s^9zose6^n$0Yf-o7EbBKD z4UEoG8SPoUMV-{N&Ue_?Gb?fNtKZ?LgW@rzbUpSk3b=v!saud!H#*~ zGcXzlzx)brQ487jKv=tK*e?SP{k7O z@+Cs%Kyd4<;nH_zAZg`3G#ornkf$B>3dAZpw)C}h+;3CHjF_!@N7890Y59nSM(n9nS9erGiHpSy%nsnzgF zti>TliuZa_$KKE^H_Dn(f`dmgb~4I*d-ejOOJ)wc6WjF0G`u`28GR{>yw!WL_Au*8 zU43&_5#ImoOGf6bQ&0A#D{YvzyY=`vI=7Xy2S&Jf zJXR`!ErGnFX9~=iE0w!&^>%#l#kaWApUTuX0YOWSV9TlZVXGkt?_4vl+Ny6jMr1EU z{ecsBc2p8h5wu-G*zwNH+dUsI1y#_8dmKaNt0-8A9-DYe%eHC4Nsj!|@BCQT z{}HZAk$H4PRR^xHKSIqA znT?;uec5-t5-`4WBNiRKND!cb)A5YRZzRM1J?i$IMAiONsNQoF`%YgX2z`Usr)FaN z`KuUTw2sfx(4-grQs5O+fi)*7*Pc;i~h~nNM1PM7U=WKW;RATdqi*$gYczOhl z{FBcJvYCwBg0YQG%rR`f>60D=h7D&v!uF59MA4oTSh4RoR_r=}ON`#an@+=q@{F!+ z!x`#Y;g(}~VjLqOmuOh~$H3k@4i27l9-bLyHQ&|?*DyG54Ow|2wp{rdKAA1(LML{T z?0%#GM^0P&1~CeHd~gbmU;P5!NlP$d?mBFK|5M!IFR;=OVjO~NH(}%1Yv|?@h(`y6 zqvgYEcxrqBY+NJJ-80yt-;yVR=uWcjWAA^AaTV-O0hB-M=$ML$g{!cWjNFdSaBAU7 zeDKw8Fn7mMR35y5#k&vT;0NzBqWuQ;ZYcFy)AKoD*@@B!>K z1|FcHwG?!8C!qC?LQ3Nv)E~VJJ36I1JVS8c!>f2ZhNR4eV6By<9!cmCkcO?-ev9$B z1W4MXW`me{|FpfQ#uuaQ!!Pjg$U;6to%Bq?_LG;;cJ?C5cb~w*eW$Tv&jEb$FMmMn zif!oZ5`oILv(%~IAb!byJmAlI_X|YlK?T_K{uhi&7BOGik4Gwg&PchwZ6EfW`2d>_ zoX5ovKgSy8CkNPjRw4G$A$HeD0d2+FD+{)?ueKBCF*toK^C&VS2xfAD-k12MP-kg_ z`hHWK`+=uh0ptoD&1OygQ_YIPPGko*0&;rH*ad4*zwH=}Ti$yPf);PXwzCYiT`6F{ zLMjgpf}TF4ssR;y&fxK(so4MFm+*|B=j}(qx@C}&&&QeH{1I;iRvLy;yJa6DDhU|< zSbhNSqe9vCCy;xQsb5=JZB=tPp&9l>%Mht*rtk=?inv0~@E zZsnYa)U}6DcjN<0nNmW}1pK6b41w5o3gw3=-+WI8IcmH1Vgk-vj& zdn*i?jeD`_*eS9mg0jMRD%z@}pQC6U%Xo7dk{fnm%gJl7@gRWFakwXztgrIcSX;f|{V|_ag@6M{giAz^;UjTn&+d6xtVE4Ie z=o7jS&rU7F?hik~!-J{#1T9-BDS_N2b}9CK@G0(en}bmV@?9T(OGeH*Xtsi5G>Tge zp>`h`IT^5d(dnB*AZMQtXeN}jVCfOc%Y)8|5yOa_b-3{L?+Aho=%3Mufm!P@EPXkF zqZp43PQt$TuVG^Gdge=c>!n`r82H64zbgn+}71(@| zK;AdR0Qn99`S1*MVtuv{$ep4z^C=l!`)6V!fxLRt9(csn(eW?FgzTm8NT|V6)91rl zYZv+^;++}uux9@;9RB1hJU5jF?-|2(5y0u(%%TrE`Vi{$qHX)(JSPk5KlqZ4tq^w( znup_zXvSyOvaMR|l1F3D#7~E3wKW;~&5$uA2R~6hrb>A|SOM zuTQUFWXpE>F)H(qLkBuBtKMlyUEPKyM;Xz%C8Dc)81{VdFyd z5OoiuF1xTC+O<}vTDis$$V;&2qc8F3Sm}8J?CB7;pZO3eEB3)Nc?AaNG_cMq;1<7t z^`*`_6GvRK&_8iGc3-@P&4bv ze&FdJ1#-RYG+~ZBpMad(;K0R?F|l$FY+Mr1#!!9s0)^BJ|6ZMpsRWL%{|yY6iW!PdMBVlSh^|~i zMPuk`R+gorqfaC{_z)1O2=9c<$HlLIi#I0ow>KGDz8Q!fo>AEG!8J2ZZ1rj|a+-D_ zYts+mVel9l46RYY61;1|fd+0c<~hnRSlD-To2S zbLA2yB{ITzek!lA-fuEWxoaeuHPH(Quxh z469$$ancEEuN|x238-v6h`P2D7N`Ag1gyyvm+Ux+{c_wr!|>>sES&rFE4()F2YF;-HG}~r;xdNH&$=n0jn1$un+jW z%6E^4t!E;-`)87|G8})EzcB(jc1UHoEnF7@pSj-Ee_ z@TH8Hdb6%hQK%$aT}m>c5ZvlLw)xd*7?imhr#|@_J>0_ZF2VHNH~+$@ksz<3ojwz> z`ruh?x%dqutpwaVECpLX{tPcpCTMw3#$@J}H7 zXgVrd4&cP6-=YJf9?#_E<^^XDtpt9NzrRBL=oJcEIYv(cq+2u^+V*0@uEQiNmvPT9 z*;z6k_Kn3Zl7J}%b?D|i13T%|W6EhGug|vh2cu(q$0&@-TYCB&Pc#(4K zOFPs%3m@iBQf8-NN|B%5Sx8-X0PBu3itQyGor&`8#|V~Z(V^!=%h1f*!SIW(#8EoC zhX;@ZIWzSq8PL#*TO@ulb{@`OxrS#(kbF3@9ggu>$v#hQq}*TBuqNyAY9Oo`-E?t_ zMHjJr7lP}{!Fbp&5?}wzpWqz31ReT?;p~O?;S|Kad~Q5`F(w@shzX8*(f=&-VH?+y zl{XzFkiVCLH-i@7AfxHK{T2POAH0%D?7|4{moYe*tp3F@=%^WABA|+xWD`GDHm>xK z1G%Oj5;VxbwIIcYKyK@$mmR$37>>jhJFxfw!}DGdX6dzqb1>4DZNlNtenTVLilB-$ z42KS3^P%&&M|r*%gqVdio#)Q!+{gnu>S<^(YX0rb5OSB0OqgTLS{V$ zHttF2PQ_bGhO^`1M+jN49tq1fqxHy1T>j!4JjYP^;r-%gRD6LF)I!kwi~gy z6;o@sptS8U##Gap^@_vWb4qaGi?30$X)nfCv?8tLATD3MhFu3w!lBP>bR_#(edHn| zvMZRgpb;5t$FWbp!FC#)eb4cDVN5a({O_3a3nzcx%Z^9`?Azm|RoSJ?~AXl_uP3Gu8 zhHgWkE@?e(UUt7eDVHQ;4uL!d&rB-8{*S)GqP9cq<7T8R*@(l`q0t2-6$I06p0Q{m zsBJra86m|>*yr1D_4mKSmiIqnIniW>sW|xcZ}9RIIywTAncnE9X_nM$tt9j)#B&pi zagKemlw@RP*%}l#@4&@xzQwN3|HMcsgJ2tqMSD&Wa6U#z^FZxa0S^WBf$RYt8o6)uaVQZll`+Ui5)r10kNHX%w$aLBU zBRjVQMiqrP`T1`dT^+@Y1=|p}stsAYuHXUxRD@Nm$AT>fF{Ne;^>+t$Q#T$M%IJqq zaLK{a{y>pj?CdY5rCocqD2TLl zh0p^!#Z)mQUug-YHHVc<#lbxsgYz3H{6m;aK%KR0AMPB?j`z$oFKxQf;3v-Cg!!BI zBWv|GxI|T8YRzUmGJze+(0E|(O7w}Wq<0Us%s=)oqw?gk9*}digTlVcxSe%Xbf~qmLkgSfO zxwS7r#5)xZZYh|Uy9#BSb|JfEA3|!{@aS;Osb-!GSKkaOr-R&zxtn(*pkg~lrY*r% zGPsUfwBcTkdxz#Dan)uNZ#{@vwOjFeXeA~Ttwv|p2;4I$8xt38!CiycAFfFlS-yeb zS_o?`j?yrMTROqK92u*(qO^4vGFlIyPhx`sho6njLCVUVZ1(}`)j{-)Wn`lH%>kCV z@n$zj8mbxpX9P5bPOb6C8FVAFwAJvNhEiP9@#wfxMo)WCy0Hxf8~3A6!YWg)+3n9Y z8c&SLL)_|JDA{_P0J0fANmUp*e>M9i77tP9f~(fy{!w%qjL14jA1OGlH2`vmGvRi!i048Qpy~%$Ikwi_a+JtvQ=aNX!UR`qVUc^EI_&&-+(dQ;SK9NMoIUn~8 znTt3Qp~6kOkxYj+x}Xs~`jeG=Y0U)X<)v)`w9#E6x_P8ycHt_NFw$~NTTAj3i-*US zBYM?7l(n=WpEBx~w4CKd@>ybm52H~tm!=F%{3LxksV>?nQItC zKuh5{QYkewqIum4?Y#Ib!y7HsFe?)K@b_LpObjojz#2}F!w^uD?Z|k=AWfNOL6E}O z_V28N7LPb8BxjgRHf7a^|1}=3MMq*vn#tls_Ar13JRlu5TGYYNRs*~Q>>jfb5ch<}V*2{%#gY{A!Y>ZcDSro3BEg(lB&#&1qdP&xo z^)YSd|M%E_Mj>YQj-GL4UaD&!{_boEiN%z(V8Lus)Q|b}(zQsopZ97Qz(eD$e3lMW z3vx_*do$lYtRtfhv!{(%hh8u%Z=<+!xXe$(7L=35P|bFrbc{xh>IaQGtDhuKy*$-_ zt*}&IXx59$=*`arF?&6y14A_S{@z4bYiQ!_ICv-4VcW?|uosZ~(x?RZeKaJ))R)g{ z!4u2Sz8;#=XWFOLcm!V~FSB@u*RS`nS)kMVx?c2VJ54Ch`#mHVe%DZ$>ZR)@T;{Vz zNBLjNuN~9S*?Bhhkg?CmBMYT0t$hh_{qqgrS_uRtBh4D=%{n^Eu&Gc_-z8T@ zn3}t<1w>X(;nV>wEMnXBn~|ZGm0S8uj!`;cp4W?RfrpVDlV*d^(d*^67WtUT1Cp_s zCBpJ$AAO|z0$H|Q?a`cltxRNH&ElVS+v_97%ZNkwXoaF=E18(SV)A79+AxaXY|54l z^^EM(kg*I)^q{Gg1WDdD?$Q%YFfeuE{nuq^#`bmZk1gE_Apg&kgrua;0$QaTuebm9 z{iN$shIT>!NB1eU=XtZ#{w$M}VSxT?c8vg+#wn1cVLVILJ^#REj7V>QPiPHhXVv2D zSHDGQ^+tMl&FElWs*CP#SJE5vHtEJP+dtnd-SCX^F>O@3$?qn$U;F-VH-6XW8)d8f zZg#!>T6_Bb_wT2h{jO`*>ulvMZM+Ux)Q)PDaB_xx2k-~Zm8ZoKw=U1)F1jpesr`+h#( zOW&1$<8^-jE4}@X(v8pFtX?l7n9Elnrj*fIjRm!WCm%EMTH^gPz@Ka5Ss&SLt!rRd^D5Z7J} zWVPDK(axJJ{x6i{b}~z%&GLSNqMzm<$CxRoT20w2q6)cdc2d@2RyTR}e=3o^-8nE5 z3wIntGyC}E*$UZNr@>_70r|$U+iRMd_CLAV^S9IO^g~YnR6tG-to>WWygD-U68kbI z>gY|qXA-O##yYspq(M)CjoSC|8E_FaSM`|kPkyxh4WSl0w}^^C%ww;sOP z^S9IO^aD=+OhB$<#OyuO(SdAH`&*kaOU-vTi7Z#-z2kXmR1Lv85<0J9W+BmFQsqx?EiF<)6qD!ZxQ=4pAlCw zdU!+=%=I2e?;39R?d|j`VX67+bda&Fspjy^g(#U`rtH;He|* z$lRICOCY^~)61Uk=lRc`p8R-SbG83sy!Ljwoqi z#!VvZ`jc7qk2ZU_Smu}JFv-|&hu=3Qb9%pqRs`h6IbLVz8cxx^Fb3rR_hqIjp>obP z-kO1uz`hNIjb9XXfgm2RfNdx;^Qdq3?Co?r{h-tT7?5ka5P{N63;gb-*UiG%|H$Cm z@BMoKLHFo>r9a;jHB!Gc)8OpwculUN?E& zN_Kg(_WwueZ{2&Nd~Q|!{=TF+x|V}}3D{!0?<*7Uvq2_XNE+Wlv_iG}Nc zaGm{VhRb}kb+4w>sowL<;xZjE_m|J#n5RDfJ^k>v?zx?Ar(2xCZDacY8p9y-u4O&J7Yz3A-Zk&L_C zSs%}Y>oYB~c;EG56~A0FBw(-M6>l24msWcfvL2bR*Ge}&Z=?CJnp&sni{=GhCV$sl zVdcg4GCbFYVcOrqGSr~0ed#>R7%{K&IUSB`3G>x{KF4k*>OQrZPRBCuR(T3& z$QqfSIq#D|q{A`H{uvsd)|jvPT?-m43sKBQ`Er<&i^)@qUX&lpqwMvf*TzH`>HJK9 z^U&D8`odCIZJZ>zSq{vWBhx&69nPS0CDr%JON+oL8_L_XU57^2j6NwyXwjM3SgCww?J3*=5@-?9PDjgL^5CYubmg~RezZ8 zY&&JBDUWtOnpaJ^NG~KC(?8S$>ZP5To6fxDnElvi8e-9*A9Uba?4z=68HHJZobqLI z@S-ezBiKgjj&#zCZD*um%jnINp(uoH)r(v^y>n5$bxIcVHuJ~LAsT9%oSn|ORKK&% zl7W$*>U2BZPPZW48X%{EdWo&fB><4+Qi%o90&82hSd1xJjd?rHA!^Y&WN$r+;N^R8 zUjV_DplK`MWhic@uE`lV%|QnZW%%>E*+7RttVKWp^Wfl_jILf$u;X_N023q$WIEx+ z7^DAO*!w4=Bk!^DEoD9Cp|eLcLukutMQ!XQK)%a65_fpSprZhp<=WACICyLLg!vJi z1l-mHavLuJxQsK8Hhy`q z_ef(|e4b$0Q43rI`~(y2G-%^ZaP|?{upNpJ3=q+o5U9<`C2Xg)@-c@#&u^g^8YSJnE+SXN|YO9x#1j>$zR0NQW zM#Nn0JuNeQ>Xly-I=Mx{!A<=lV5a_=e#}Cr{&D7IslCxNIaRig z4x>Z=1lB9b$kR9&{x0XN-8e0W1^=Zj-A=dDe>vTfp%p5vVTJ@)h1oJ-E3Z5_IK?7l z@h)Vx9>t3jXz*^~cyf3GlIqr?e)BG}b1^G{5%VXQJUBWNy=D+tv~ta>2#<{`!1FT- zV5^Oh2x@j@P4*sSL>}q<9LKW6o&?rnkpx*WEgGqo*$NDG61Y|zYFeBanKdH>8*QLO zV6i8Avlj#PnMb42Fo29)LoKX74O;-OBjh@m(?b*;khN;;mjLdbvI0phCu#g-qy%iS zG<$&n!L2hLgf?-q5vUSCtewN4m8-AJo=-U(Mi(t8q64#|;ddtB+8O5{rby#weQg4i zkAO>Ieylm-&K$v|@>xHfz|=|48KBD~Xvd(NXApr`vLF-mXSo7@$%7!*fzHSPmS-xj z6I2F}DHGIfwC9Z81@Iot$gv_g+iF~!z-mB{GP3p~=qs8aV95a(CoS3Vb4Nx&4lGmm zY0TL{rwpD27l2E+Q9pO#4L9MVo^ zil=14dTZtj8NB*S{ih}D12dOmMp+|loo4eH)>+`mI(ODgBdv^;lk_5^_RKf?? z^yEON)KL+I_5-3!%_>7Wk2^fV(ak-?w9AH$qMMgijIuqfr;Vppqp}_>cj&zJm{Pr- zWki_Oz&fke)&RdiS`ir?o*(;L`+E@JwSw4QGo%RMV&if`(oyxVSzvZETe_WYr~gX2 z6+o^jW->;FlUgui!b!JWIE602g0?fT*TM^@D7+q5k4}Tg9N(UWjK(%hn7fpDlQ9#d zZ9F0f+;g$x!>{q?v?^$O&!Quj;Fz$0_fNwej?-vNF*MR*8WIgi;3c-CeK5o%ougpm zI13%z_#2H#tWitHZ3v{catuy1OizZrZoKZOrS$x+kl%@b)Q`XSX5KV(h3wXvXY5LY z)M+OINXIZ((+OES1;fTE6u%gmV)lgSbeWtUH8lxuw_9IZ~IVYCmmS_M@Lk>FgP#gH0gCA5c zc9@-(kvmbQVz8bO=-h86>&4#));b)*s&6o?wTE~=o#Dvu1TJgW7}jkz+r_#DFi+=M zuyf}#TAuC5vNb%#d+hsB2HMKkE1I&3MTfr3Lrb6K=rklEQ13U}0IrFGw6vUHWlOpA zaAA8`R~tqiwr+gJB?TSLE|{#3C+nmAu6u^EzGSd&bXamCT3XM3vetppY@^O%?dZyT z`-Z{Jg@D;t8+@^D0&7Qpe{(A4RIWwQM(xoa%62hA(z&D5vF@H(m{#3p$bxM@_88QN<*(rkgv##!pU|i;)W3MU9gY9uo#vML^m|fM32kAVXAC!aW zB_tiJ)6d3d;>DTNA6Lm=d*4uYF8oZ=VmTl?7M)yYvd)uOXO`(s=j6(0MLQ2FN+Qt9 zfe6UWkm2|2=ytlD{>$kf2XX=t*^l;n?nEZq(Xccz*Gxn#--Q|F4KygSM(+@es%XIj zQ?)r%9)2~w0`r>pFeD{F5PTFmYoCqr#m#0j`+%rIWV9S*NF0agWvxhI8b?NC=N5zh zIm_|V^eWup8Hb6r+ws7dxtLbggq(Hz;F8`zkS0KTWa93T=?JWELHN>5m|V4mAQg%M zY0J!JNTZ9E;epZf5W09XGV7a=zjimCo{){lr(}F*@EW{4s|-i~1xQ`f z2B%r+n3!8{Kzv}v5=1X=LCC5${A64ielltvk{Wj+q4Mt{f zgjK;ay&h-2`3>T0sCTTxmw)&cV+)qSDP;kAN0j01$pFYeH^2EPXgWr@@5G#%_2}*! zi=Pb5KsaqBf=(v6ZUbJPU5cltmLYuE7R0XHiC@fKY#gfCyM|_NGxFQ%mZn<)_? z(@L@J>@_4*Z@?W4bv4#0mY&sg068l+;~}!m#HND?&sl(?^}DgG?Jyqp3`0TdQOsG? zieC&3$MH`-gJ05eJUuuaUI}%`Ub6!kYYxCGdI?T`@moAIVJ>FW?m%pHBc|0KK;DWb z+}Ud;emW!%YfoRnsCkX(zBx)(#^7vSs{U*hG783} zXKKM>Y&-S=-VR=fhGQS$rLp-KUa%Ic4xhp6BVw`U^i}xAm7|PNR7KMsRP8=X5L|~} zk4?u@!wEhf`MA?R8S4(6#;@m8qF-Dcigp}F)Phw=psXJEi9|`uUQDmui%G>BkwoXB z(^_;e!GO3jq^;V8MMo~;fuW2p1~Cd@6f``w4moWX8FhssZ^LoSn%{!ag=?_&2tFAGIN&T z+)ex89=8GmV-_HE;RdtUa}j}lWMUbX5p1pANWhyx^;o`jC&9KA@npDG&rU&1C7Il+ zodk(c_{S6@vvwWg2o$a7uHvO3A*ej|F`gKkhqnSNv2@pQBsJ_IkPuW}4}(qLAT;hf zfyC-&EZb^1G}e_)WaYt&=&G@O?|gLdPDa(i3wU)xCZ3;Eh?=d3U_%E|ux2NMOV+?Y zx(Eqmg~|16F#q8D7!f@WHTy2W>fJz0Ppd^k%MrXeeF0Kd?ndmwCT!hz5>W)$gf+Wh z_1rl8d}<+zHyniX%sez+{uILq_A^RX!f8$+em%ViMLSO;u&No4vkz=M*{{7q$gtNV zYUK{(uiS(_!KGNf_Y7QOYbcM&7{oGDTTddaycvl)9OUI`n7891WmAsKx;6w+URJ%w zz-kEl$uSl~;%kw;{)jm!B8|~ZP;mps7B(Px%|Yfj3olb&TJ|1B)7CbONMaek7>TiY zYmmRX1%A__kxJRevM*Mix{N3M!%?>V5bpL5#Nez(9Dn}`hGbMR&wBI^&WD4GwpLEW zuf`-JpUxqMedQTFA6qVdjOlZ$F(#)56Y`hg1>c#dX+4M@gLClQ^g^sW`625Xgk(C> zq{?;hO|L}e_QSAxX)ID#??DWidnG~p#fg;9n_&o9eE>7ED)7?8d{l2fgv_etxNivU z#DAU{QZWZH_ovO=)Shmq+v&fMZp9e6Wwj)M+&>rg1af4(bFdHe$w_wV`9q1ichRdJ+4lj={MkAS~Q)C6hf4xXzgy0g5JTkz9+EzS778Jea z5Q1_SAZOzNOssB&-P^OVc=K+IDs929CKTb&M_&+xmZ6@&J1D-IkwgQk_ngPblsYWi zdy+t%f?n|((X?|X;+CvO#L^vjeO3+jkS#wyr3iQUWsq@SKxFww^b4*;+n2w^vqQpB zcl;{)##X|SLT)+n0eVH2pnM-0`LJAg$1cG94LdO`c_G>3C4xl)d~!BmHD%M?i!%32 zLRZg7H0sdV8T0VctO_jJdk!7w?8>(tMKB|fRz@O&QYtYycOmM}eFop;3e=Nxf}_TW+fbfm05 zhN3pInH>-YgU^Re!O}%oCSxT8-#8X3Jv7V95 z%(Ar@n^TVs?|+7$4$8rt6$cPn-hlkNjVRrI4vz(-p`J3xVPw^?`v|7yH^L)kA+~(@ z1s?SZN9C?l@Jw3(Pdb(zC$8WLvgW5JW#Z>!vtY}JLVK&cGN%O3jfzA4t|Lfi6tINO zabR=_?jMwj=Vq4Rf&P(guBL(aF2~D(3oxpx6%7X}7z8#(1qtGwB5;04f;22YhX#`UpWIP~m72;R4 zAbCYA!~1;vbbJ{m6O^qPmcKH)9FykL(TK5mB%0}#Qwfw$j4Q&!V@olpcr))y$6z|g z*CUtGX%sP^O~`57fsth!@#`6L3C=CBc8NmI&|(ZJSc9L>sY2+|jmTZGh3s_`9QsAU zIjRbYOEw^{aVP5b9z#c`Nf?^32q{hbc<&axG%W)o>F{EgZN{Y1wYXDLG~KBOjGlBZ zg@<-1oHS)ozO#q z;hF@Oq&lQDZbMXU6Yd{1A5V`fL}J5s)^!tn*f)CNIcmXHL@eIPXfO*?3hObsXchWV z=FSOKczad}Mi)23zUM3q$X|+DS(>fn*U|E!CqS85)%4xiBG_jFRWnq|^A1a@xWu<>O6rjF4}Y#Zxkc1h%C z%^)$eGn{z8hD=yjdp=|3q!|@#k2l-t7)|F#dFnn#=3_!{)>my)ei~o(;Wd{e)`kBy zJx&J{usl1J+gFEEM6n#r(1~O}q`=yZbE|KWy zOs1_i3Zx_}*2h+7PxfVgo{8oj&G=A1Tl$*q(3C~hO?A{E8E;KNY~3c5Z9Wd`cgDlE z58LIPYoZg$)Xs%@>6%WQ(y@AcRUQX+_(?FUSBCEc<(yxTy2JKgg1 z&jjQqT?ZwzzqmlnBi=087Pwh!zY+r3O`rP_rgk8=fQFX(i*09`1ydTHGHg+d*MA;? zQfyqy{4)sTi3ZFq3{pcXd|r%F4v^QhqSM}!fF(fEP?%O+{-YpkR&wT;_as^xZz2fQ zi4NC%)`F!U1dt27OA(K@YUrS)_?`)LZrX-G+a_q+1_8FfTRNpAr+6F4Z>Rr; z^iRdeO}Y*S8b{}UZI&e#Xf}fSKQ=8)K>p{`j08Mt8v(^IXgVRw}(|EpNTsMFI$Cl)@zH?kR0=Y^0te1}0fyl6M?NgIrR+L(Hm=us- zXXFO_DI4>dzZr069=gZmZ7K7=n&eECbcly`b+lpBV6W{4wDFZ!l1Y|b7yq}@Ujn%$ z>bWitBO{Rk$)sJ*H>TS_emng)rGG9)E;f1n;AMrrOctQCfVcLF`QePi-s+?_T9Re# z+tOw^GJ&@Na00m*in%Tm1Dpo1H5{OO#qitZB~Z#VAb%?WRvS*41CTYu;IqSW%=BmZj$%ybUXc5(yayZ|4s$H zS-$^YL07=TkX>8RdK0M3j0mwO%kY3e!vbQuxBb72@5Vg--uB(BZvWA<-@ksVp4D%E z{#|VoP+P{$1=w<2Y#)Ki0+RYn<|vl!qwQWT0I%zcU^MKaXr_H=Mxbu?;r@YGH?AxCt^0Hy0I^A%(wkod(yR=UB5Bi`1^l$ zZ~Jd5@5XjA88BDWA{K68+>(=`KFP$AD0jow^$hcp?AoK7zbfNDN;lS_{rlf~rv2Xb zbmRTs|Ltb!X8Hd;&;6}*V;=ha{XE;hxA*nmD)YvA{zspc{-b_2{Z&C+EP|?YLodp1t8@XOQynG#&z4n zQQpsMwtAT)VYY*aghm6h)4kVcHV9<&yyo|cZQE#URrO%`+Nn>6KN#Tl(e|^fw~w|- zWf{s-0H$_m&li8S$1)ACgLkwU|1{&BtgGdq1WWxL$Px|Es7#F;Uti>5+GoZ|nTMWL zn|NJqumGm=SG|;veplNh2PVnOkI#M=zO!5cft^5ALqMkes*9f0R;fBff_YMwrY*jD zIVh!L(kv6osgsws0gh)L+9zB?C3Iwxy~@{Ev}TNW7w|u2Em;ywZT)zEe=Y7(K9nEp zW~26cYpY-amgc_my6WB0JI=D0%U^xWzGpj)yv+;Cd|tD#YB>fo)@|CLz03bR#%#^9 z%)tz*cL2*{ADDg4DQB~@rVb)8?H4erof<>eym0B8rGK>TthO`OcDpuAmeY#F?zM{~ zpOuqfozy1HDABxfD}PN%)oNtD_+{HD1Ire-%CB9Y`CTuzE`UXu(}Ccm4p ze3nbyw9L4XjZwCKnrg9B?~rlZAe3QA8M9zVL3Nb^3OJbT*@5<6mN9J0X)~5R#x*;_-iOAfQ|Scg0#qrDl~X*rxJB_^Dj1cy81+z?XcCt5d(k%Mk)#0*Ud8wo!Dk;DWnJG?jl2;2M7OH z(>}A3RtG*1$UFB}IaDhDB6RRfLU;E#I0O(FeWKZBEsb%0cv<}ePw zB2%_Qf95H$F@Rc39mz%yPn`f2#d}zH%1-;ZckzsYjSHXm%3*(|qZ8|+Jgoq5O4$mgjCW}kY>UG49}z86W7PT3mgph!vj zl4x{E_GHdYb*2uokF~%`+hN!Q5aj)JHYu;OUR^!n_?*C+vJ!Cdz8;i|y+6T=^|x}A zgQEV^4m)XP65FOV7q$dDGvsAXKgvaC_XKp*tS31?Hvw0^u|a{ZfZCjN*&fh52&JDNhWgW#nff~PF&EUGi#P>hzRA?#VZgU*go}hCv8LRNL=ugW2f#L zyUNb#%|`((J_CgFg{1U@nnCoE!Kn7He!s2 zwrQqJrN6x25K2Q1<+z9k?!vhObm>oBpx$cAuGSJ5C+1f|SqWdLbLunNoWV2JPYzLi zudNwuXuIZ67UQVf@$(j?TfxZ9I4QlIjaFxh2~knH4a&glQ&MQWY_x9~?i`Sg*QOCb z#as#2cK&RPUnvD8Pe#x+Y?YlO&qV?25Qz>1P#awrv!x*HY9!cTH z5OnyQjMI0nQ3MAwvxUmzP6y*wj0cBSqM&&n9v{c=T6O53Zy11a1|F;%0l}6app%T$ z9?e@9fOQgBQ#r&;4ErRI7!U8SLnXxC#T*G7Wc`+*3<9Qpql* zO_^DHgyG>~DTrHt7WWOVgpEfw^NK}R0TDr2`)S*=okpfqMgeR`_OAfPifwT4NT3|3 z3zVAy7e)dd*bX^oW84O8i_pa{6;VsJ;um8wF?-bxydJffh9Nl;DAWeZpc7@FJ$np` zm9r$Em{WeG+5_I_~kFhTQMuy zb{ggYI&m-UQC`kEQD0;gAT8|R=#@Bp%YYWd5<02Y)^S= zlQ?6TUOMH8AVg4ckE=jnHT%bdIz!#C@tMc_1Ri9-#yJsCjO`HM+!8Uaq7{R3SDRI% z)&nF%-s?f9NgXl(WZKI*4q!W7sW0qrfu~+d>qIE!XCIJ{!1|qdVMGwiZbHxLY@b#X z`zjif^P!_Asj&}`eMaKx*~JK4yc6AAqmBJ_q+_46n0+#dI?b{jXnWQJ)n}z_Tb}6; z>jCN?_641T>Uxh$Af6vbeb&)|h8a`e2x>Zb<7cC@ap&k75{*K<7djt(6RU9VNIvhD zfbRWgp@&N_?&STyo?Qi($i?VAB_Fnq(YRw+DW00BH6FyA07i=a=i;s*S$KX*Av(#n z>8uUd6MVY{Wa2G?*W01hcsHaHybG9P(}8vCAB7jD<`H|Sv$QYk z0NE+~!q_1l(*QbsZIH%#SoEJHhlTDC2q(t!^;q`&}8-w-mD zS@f)8HdJ7p{z3+!!w9UYyx)ahmU&t`PUSN+Y_{F%J(k%!5Z3)@{AA8n0fht?IRxgV{CdqM3uPJFYCv@( zyEoejh`scSK$pG~Vbyc8ITXV|hb%ae-6-sqBk2=@S7zqpjo@n?LG&Z|7#2W)V|m))@2N3qcyneMn$CTSJ2YRrC)@27j0ebYy`pN+ z-N<7aY_(N^lbm0fQBE`Tq=P5=g~GniY(ArCfc@?mitg-J`(7-Q%5UYYEe_azX9A+5 z*eBa2Bkz@fdz|KA+xd_1Mo=l8JhkhZp$L^=F2SFj8kyDJ%MpNX(_n#uds zW;qhds9y?#%9dmG?&BG10AWhi0Bu{@2sPbHt|Zw>jc#|rcpN9vY{Vk zPW=@_H9({2%ZYXA%gB@9sZGV68zG&LY{S{NVbnE7J41@lc;Pd+P7BA1Bj+(NhHdYq zdsx2e=SmO~ttKXo1d>!r|kc{-jjR>t> zjnxOv;K^ZhJRa0r*6GzL1=xJ~W6aDd$NKFDFfx8A+~Zf_{cnDU$40X4Zj=%2F{!Qz zC%^dbpF=ue`I>av9hzTW4d?pufhcCdp z1P*%&YgoZLJTCeB#=3Tqdb6N@p zWK@#rCF7+zb%?KPMf{QtcxF~P0W%fTYqwx(MKi*eZXx5Kfs*~2!*>}zyCv2ka`_H; zXRX1b;}&3M>1rfZufj7^7gDhb;GeSwDa$q>ZRJ+g;=^3zn)f(N5;&9Q+fk>keQE}zY;M^THut?Ku~1=(xE*$ zz6QYyHY2ubEs~e4!_Vm06eT#PuSRt38jPK{9$g3IV9?wKj4xepV3IeiNn3) z3J|)e6-i`%+pm0y=cbopU}7zPHZlcnNwr9<--gU(t?)}BL+=%iU(YH*+S0X%s#${x zg)7lX3|3>*WJ>`#OYyS_#RS}3es08zvx@lKB1A9TfT*RLFmx^fx8E#0IywUpi#H*( zxE`zb9*19Y30|I(gP^+2h+No;pA1jO=-hgI^QV8o^z!BCN+9q{Uxhi9tKm(#+mTTV zaJw*4tJ!-7dp`aGZw8m)jzO7-TDTr*%Uj`|xtvagz^iuzl>6wc71(|0Q_L)D9FgR-w9XSD0wnAs_6I+RQ86CY&=N!3q7iKNlj$uWOj1ZIYv&kih zt!>8m`Rma;tOi#<`xKRHnsM)_xfoX1h=j#W@XK1xC?^f2M?c1EGcu94|9$j|nos7N ziE%|6FneJ$-ixiK9Y>-kbt<;L3FWPOG5^TNbR+~W&s03%F$YTyUBa~DT7*`v#lXTQ zJUz7lV=K1s_e?xCHU(3ut9OyXir~Bzxe$THb*MRdiJ+T+sr6gXV<4G%?-(rDb_yT< z;a}jFxP%Orj-%Ifbasuyf%9ME&FR`Kk09ori&y59qwLrPSiLqFW74WIzvVcb$*%wO zr{5ra!8!tExY-AO|CtLo`QhhyatLvVbukC3tIgK4RDH#l-53xNoS2Ras|Yr3mj|Vd+1RZp9e6UY?nu0EMRd zOwcm3Ldc}D*X+c>)8{cbrWm8hCeoVs;uj2UD%#FsN^T`W%NAi${Xu%sNUWwJI>ppr z!R8~V-FFrb4x4Mn95s$RiU6^A&sqGOp;H(QFt&<-UcM2#uUx}ZBMK2z*@}5vPvThu z+SW54(fBvxVLFZ>sr59DY8^x%fGq#Ud;}a1l=7MR=3! zvb^mC97E^f@YmlWAf*<=@>XNPuH)$HO{0~Q>p2SxcOOM&>q-1%ND8X??3AMAh*;Q& z;)544JfjA=Z2L1~3bFLq$4Fj#7z0z6V(EcPWE2UAZ+Rb63#t*lXe}MxE)2?Cg2P|^ zp2{`PoSszPb_(9nHCTH5GG^r0VL9dC8d;6!W>lH5PGgVvGaRkjeHw0g8}Ulea_qbM z4c=w_Ll!onV%r6H#8sKP%qdxi4M(ov)yet1uZ)b0jH7onT%wla@;85kPk03ZX*r7a zoPVPZjGbphV`>%e9y9ZO>$RIm1np;M> zIwlbC$rx+)U&N@?TGZ`2hpHXt@vG6fSaO&;7nzLW<}CNwDaQNCcBnp)4;vJ}L+KwUFi%>!U@Qhl3 zwhuppQ$#J>qUb3G)zsVBWm_@3bTf8c`wCA_$Yh_Nh0E+b6l^|(Sc1@FQ%mv4)JkkV zauNecbUFqsfJ=H4{Hfo|PP`AV;9LUCDZDc=o_%rwy}}9+wQ@H?>Y6byXCXFT{tWJn zj+eI`!>gm`A#TwQtUCE29JE;(qvAV#;<53>XJ)t1UyjVfvg6kU)I`uIg8j*tGl}&hfa5VGXfbmHsC~w&dzqmT;%xt)3 ztVF@~bBGc^>X<^YQMUp*>iMWSdl}D6$v{Tic@l@s1fxo`Rdo4=y|C#Wh5UKKKE8&LSBJDaEn_=kU^$dDwXJ zGF}R*BcW)(7MAxDlD;>h7bAcKuIca@%r2-yEp_y{u}SC~Q;!tm?}63pGmyXQA|u~Age+K& zR`%&Hi5VRzV-x9Le>r}0JpC`Ge;mkJF)|h_hVmMl)Yy+*e+_HUb35l_MCMYQx%?@9 z;ys&2{wewdlA*pZ1=F-&^_q1EE33trifvSk*;KMq4C^aULhzqju#Dw0wDC%X14HKW zgID1bM^^DtEFK-2kESCRkg{|qGM8+G)vsq^-N{ekK^9{5^e_Z2YN1!%f)^)cBVkbk zQtMV=`9T6sNH&`G97P9)Ja-StK+Dd97*nP{02K?sN~u&*{CJ zPhP^~V<-zU3G2SWDBidWKAFwvL@+w_!AD4{T!Co>bN}RpXl^@%S?O%!&!%7!8ByY@ z0~naR42!lMVf_LT)o>USvgRYWVikhwH(_+<0_1Nz1FKhqvEtyzsM&T9Loyd4k;>y1 zUXBrSm!r0IH@rd^DVR_$kD+uNDq8m79RlVvlgiL^>@qrggyOlWDX2X30Rm#_kak_b z>tpj#v|(=i8Ct;8Va zQNQC9`b=k7`|330Z9ahb`if#LR20$i^Mg6z9dH2U2b8()sREob1H z&S>P>Sthz$x_&EG?mC7?$5+7W<>`!sS}~Xm)iq{5;@P*0R&T&U*7KE7@mPNJ0=hU( zM|$&dtYoM@GOrHdHBESFyg-Lw*Cz~9=5IhKBNywQLD+QQC>|e5{d{3MiW;^eW63Vo zC4vkv8k36GqH-hq?1fqQ`S^L*O5Izqbq^Z$9y5Thw!JY;+v*bdU7}G$#x|v}1wlny zkiUwy@X8oEier>x5qbvA!@|vbFqZv#mrpEK>^_F)$LHaWfIP~2BPPzP!`cJKF*B_k z^LCxY+Y=K}!mxjMVlJBZ9Y#iDD_Q4q1g6hNA;GR_*=AV%d@P;|szB}Wi@47f3jMCFzPSi0*3s+Kb%d@~3Sj4VU-j$?RbQXWP!VxCsC1gm$Q zqMd9Y5n7A9`HPU+uoL~`D|!D6+N@sS7aCG3hx;s_JMs1J@ch_Bly5zbG1)5_1q8z_ zvK&ijd((1OAb&|S@n{^h{ltk{AFe4^2C z{C!NUYC+uA^9UudxXy^h26|$*@O*4MeiofPGw{<9#n`?72qsmwAcsux@ga$5Id>Iq zQH#*YF&&u%$O;0Fuq5>Ie1}I9DYRx@Usa8n2}eH{g*z&Jpp1u4DB2f43JOGtHK+ztFZI*C%B8u z@Qu)NGP}zdlT?iQ!yn`MY590)P#9uYZeetAjeSYrb`B+zoQH#SK#va3q~jxdp<|jr zgR3FH-0eCGPmj;Uvm=ujhJFa=z(Ph6Ay~Bk41&s5V)L;}cqOzRZ_b*Fv)}v)uT3gK z9s8s8XIT0>zItJ#yyB! zu@jFCOhDU5pI~4@4Jx-DMbx5AxW_#al_UiN!}3tQ=`cp*HR1lj1U9nL;qzOt=fbD( zoSlitd5ckX_yT@8ff3gGpWw;#HfG%R4>OetQByVx(UkB-Bb zxlL#~{sA8LPs6Oboz%@w7bSMuOd7(G7YU~uA+9s zVRZ2zi2Kud>F{pabMMf6tiA9Ro(xEWSK2~6Nqu{Mas>fD53QH3A&5llS92EOk@1yu z6me)iaTaffRS_U5Cjw*dX}MT^;v;mYGqdWcvE(2OFKI$Lqs?bWXW}sXHKvaC;FpH= zXFoN^L%tqVj{C^Gt$YfIF(eAT!jagpi;?~jMq=4$ICP!_su0gkt3utrGZ>b%04;lu z;^9FV7+A0w8_s-y;Ur5-uYQGx`iEiV?(@We?f3;rSL>b=C~RWHG{i68i0I|pF?ZVuyf8i&BMMjHy#$R5r@&e-(kQIE zeZmk^-;9veI}o|L4fpwmGqkS7kkYlrxV!XEL10}Aq8F}V2>l^L)wL|U8ktS|5L>&E z2D$^kA_EMr-HHx$JogXEL}1lg^h#Jq1z(DhX_Yj7hOt%4FrmDe3bz1}OEw{9MH}XA zJB$a1W#EF`Dh+9SN_5dL*sckJQy$@J{>^+{<>y5@fp#%)`${Wh0iI zeAh5C869}xmWuJ^O?Zz6sqxA_i7Svo#YtPe8E?j~C0kA~2Q0^tp=>>K8ObYl!@(&A zAxpL*oiaNLN%GhE`*bn zJ4WdxCmpkM3f_)dfwprWn|BH6tGD9UK{QO~7|dSKj8w`iq~Q=ApR@o|Yc~;uX>d*% zn7wej8HenbQir7V2asOB8Ck6d@%X3=Oeb(YKPeaEik9KMh$=IMHJs(%J226lB$c&x zE7BUaVavf2xIcgfrD?2WNDq(6MatSeNLt*A{FY;QVOAMRH}1!hE&C8vzaCQ;w7|wC z9AuTqvMN_#5^-vPGVHeHrO)Sn7D8&f@{{}(Gl|y(XbcU%bPKK z*-msHS_ErNd-F)e{Uh?t$wd8TQ@&zsHQz>g0WEj|c+)GI&MS69^Vz)Z7MGJ4ItC>+^Qt zT!!&05wUs~0;`+R%{K@A;>lRo?m#d8meQ~rA&WO4dF=tb6;#V8v=u)ek%kHE|EH$T z#nTfjk-hF9;;1`5WV{_IzZuK-BX{Li6t3Qhpe5U2<4Nb}nLwLJ!|eK9h-ZCM$=b)4 zHp1RN9h!35LdQ3*g!ZTx*_!&P>Ba65cy4Se<}BV!Qj~y@D4<+Y(vjP z*7?0Tn2@&&d5oH(7PS&soAI+TX$Yc?#nv^WoKd!89HY2*gV1>D8X{^LVZR-NIV1#w zGpiXvhMM6O>A-zMvJkR#2Ob|+!ulm(TE$wFtZqg$9oGG07o+n4>JB5%blOZI`~N-K zl4o)y1{5`!si9^K3-i*t3Cmpd@8Re_l5Po*_gAPxFDuZcx3{JTwb9&Ejg{-51J_ux zbRD(Ddt4*XjiJ00-pad}o|VSw5(x(?hR$#_3w1nL9>XlXwENI6?E7v60@!4)}yvI{hndY;8A?Wb- zc+8?RDcpLRvS+>6Nq4vf!@gf24L^xSz>u8J*+@=003m=t>y-yPw!N!IFh5@(%3)nQ zdc-hK)>TvR{A7fR4&q>~Sv;B{kDMu9u~gL1n=^O7}VL{r}UHESq| zKvIM4C$Hc!ALYw?uP+R-b_!**6p2nwtea*JX>WJ7*=hityJi=8u)TC99odeq<^T%T zQ*+97j;2CRG9MfFG<4Ri3LQW(AP@JA%SWeP)5*3MVDrfj(1TH*t?Hr|;5ul+IT;-_ z3#cz;;2wvihc00PnUa}JquEWGB}4t|<~R|ZHFc0qQTJIn1ySaDo=G!?G*wM~NFB3L z-Kl3?y{KoJ-`qdn%+%T5U6j?jJnY$t)zj&@+9*+qRL(VcCz zWfUXbH49)ES$5Rnwpa=5|7767h(DSv-rtK$$T#5QDT7D);FFu%jfi7KrGXhi8`+ZFy@3X z_OXLxPAAdBWfpCoWlPrPBr$=x$PMeMgG@9LK*O@CgI4geT&>Tr>c_TeN}m_y{az6I zCe>r4>{@Fm$jBX7RyQx|xD)k>5rUZ+MSZaM)C?cl2Jo(4_ z(bYW&He|}O+eb!Zp@vb=&&Jc1T-jDe3HC1GW*vZ;UM-TUKBLaJ4^wKW@h;by%uDs; zcP%(#A9kg4*0$Kzl8>>~L?bgZdLdgO=9!U(zrxXfAl(Wex2#@b#ROsmUdxI)Rg{&M zLYbGLnPzc`Whh4TTGd(nE~8XF0(4Dn)7(sd%^Ri?3MhSfUDFx`HZi6NIg@z227-{*~S*M2u*X{t+fEp zY=fZw=RMTJM;R5xt!l%N{B>~X7sS3}e(ZMvuBIGo@r*^s1@L^1;JOb4QMC6@ZgaU|fb!I?;0vl|0R0z@WF{g{{f!OZqD za@YUs@;3IR{8VqXO`mm7`+d58{daTU|3JDGKyH=@D@l+h2|Q>J1SbKAr2{Ec0-m+z zH=CX9(#TFIG%|NhCsL!EoR9y&!{-yk$Nw&v2i}CTZ zQ5;`_mY5)wOsQjk$%Vg*O_Oy<4sr@+$*(a|DU1|M*BMpWk(mmL4cS zO`{7)M+fF%M}ya5nGRZKpcS0{^C-t;mahe3WV=SsbzNjafMEeE^|`=O%f_{|+p>K8 zx{j%BCY07^$wPXe#QGa{mTlx=qE6|AfSzQ z{dqqFHeBq+gV%J@3qe9a-+=~b9l-mg0DM-3*})P{Jix+B5vLqmtPXd~7@kD!!#uRxLczXDX=}fa)USrc&86%yMv#v?!E1 zOGcnFjbg}Pr5F}~H;EuGE6FPYNd9ViFO-VFpoqtr48%j&dFG)U!R z0S!erIh2d!s%S)DlS;6s9LZ#?S#L4VE(}LIF%0g=q&jv`#3a`0TgbW+DCtnFy);z8 zGR4dWX;_SomHBq%GZrAHJP7b&t~MSa%%5#yIBw%b(3f7g3Mjq zk=31UQM^v#L?@>u>t?YU@3B<`r0)aDcz-ePRdf=<|4{(uKpDRlIna?PPqjrLYzW77 za5aFZ2v23Pjv^7Nn{j%kzWiOuI6mRPb-A&g7GlG;Gk?RZ(>AMR^ikF5jU9Ry8OPmBatwy`h>;Oo%$BMw(*)KYi@T2d4$l?|2F z0^-_6K*~lIz;ZiMAq9%sPel8a81_L~Xd@tdvETj#QtkI~9c&Fa(y%&Gsk(SZ8}QM- z9##X$+O;=_SWy3X+#Nussj?_LGw#O!b{g{}Xqg2mR6wzM%K-;8a;=0Uz;t7~?;avn zqjqTD6@j>-q`8!tm^}M1fJQe^V3mMQ9#Le->;unSwwVT@-wCE&0@9clL6S1PCxC6x zcq9#3@{*A#V(3VNdc;2jotckiD9Cc{!GQ!;=ArUcKg&i&+OmKKEN3QTqYRBPGXG8* zN@0{^tG!^@2R3Bg+T+6vQ?a}*1Y_05O4}`vE!z{=&BkKPS7ZJiC`Sv^k1|WlwNTBD zWpp7BX_(E9GB&^yK#)@8*jLjBHI^Ge8Bjh3KzW_|plC|KA(m)Ia5L@Da(C*Iz^o$) zguRLScwGP@urlnEV8On#caLLzv=@<>tHzN@21sZWF?RIPaFZCbKuAZ#sa|5Fv=z!q zTP>K=l0-tx{yiGTWB*eR1mbe|+MLexxAdB_Hk+fdeCdgzGqYiwe;Mn}@--B}cFDm@ zRw7FsDJKD%+9@#YL1)s1PD-p-d)3%!weFw={9R+@>BdQFQ!MGMWqS@wAE|uHiBpt= z0aodjg=m;)Kz5^hHGHEwu?-d==QaK=a$svfQ_esbq5Jun_F*=ilQULdQ@0FRqRe^> zq)rH1cwG)a&PEZKA&owT78_%~cP2TwXP};u?oo~`*MUw<^_G*;y9qlvSJp+cKr zrsRw)KrVUS6a)Xa(=7pVy|593Adre7C_L8w24bgH3Rj&%F|E24BMa7%LD4Yv;zKX@ z#0Uf)G$Jzrp9-YYVf2#EIim$ut^{m%hRp5?=cL%`e08pvE!h$k#V{orm6oWRy-WxS zhPBez?x2xrk*so`jh4Ixeo5(=;jdy z2eMJaC&8ms_|^0>%-?q&J%-Zh>Lrk;q7>HE?580XMmeeNG$?CNMG%bGBx{|%ulmvO&4Ck= z4g1^5ISn2ORmfU@)N*>i_U4d0eTt|b+DweVLD08lerC9YPTTBuNitwh9qm8^wR0yp z=!L9XG#(m}iistSn6qFlJmM?NYzV{lBuhpMod_JAHPoek;WhJqL5_;D(hGfi)8}lD zVTS4h)=?3MhIYKQ7Z06`hTizuuxrVMk)riLer7+LHnDyVjBo@*wq67k0;`fD76T%h zwkJm|9W~%aU{qAX=*jH0qq*pqWISRjoYFIgju`i;~gMDvSIU0G+r;bp+#PV5|Hls2iF5uHU1L-`Sl{N;G zgU|~@eYYbh8}=(_Vpuv zRXOY*;fDHHb&)f)oa3uRN2zOapsIH}_We-OEdg>f?oHtvAZI7>nqfxl{7z&Wcl$;m zVMQB)D_UXoUNE|Q2IDRTcfLBLF~PrG!ul1;9rE!RKPpPu&g!9gv`>Gd8#vQXb{~zBJk9hEZpZ6j3uY9pjU7) z@>>sJMAlOCCR_WhOetG~;+?0_mB!qaj=;SAW=D1)C_OTSA*_2efk(q21U+`79RZ`G zTPW@wz-zA2^z!kzcd%xkkV&~~MnD7}A#?2D6a&AEwMcK+&3aJjsCah`V0#8-@cBR* zHk}s1_b!hhyb)N2jMgJ~G9U!D%tP$<{sCn2TC5>MWxIQjLB2dL32XNr!eb*fBtZjo z%Qq{`%A2>NyPPS(zMFR>enRG}6X+!)J2G(@*u9JZ^t{=z&^Z|Q`;&2r6$>=!6njv< zkN9VxbMIJ$mbV~zVH4~%tA~d9(BM3>Yv%d(L?o}>kBEiqFgtA_7STz{(52)Knp(PS zD?B6X@ZPjCtUqxDPmIks8=G0V1)-Z?Jl+}`W`;w$d4=OAgW`;H)}};ax|$tic7~*k zJA1`YAN10RVY_P>?hBw^FnTdg)2oPpz`mu?jmWG+S=%La={FJg`3B-4ZSv$o{qTxF z>9*tO6SIhYCq0T|8&WKLf)HqJ{L3jnIzn$cE`rueGqO=mCo?8z3HnS)LJ^(NgxVc^ zmMqm(hg36~4A9UM>nzr*AvEf@y+ZvJRIZly-${M2a}I~SOBn9*j=)_*3Sm!O zh*-P@LA9Ic-02WV03Klb9kc~6KX-SXX`Hc!mPX_>Aam^j5*0Fb0-T1(v=gD7b0F@c z?sV~{K5E#5U}WPSiwB0~m}tYsg;57tvUZ}hca5bJBngod)CO(?$f61C_xZ+P)y7u1 zhn27&1lZZQhcda|Kqnx5(ojZ6Iub=|HvNKew_lu*pS5F% z(E$fV3<6RDYd1zzn#I<|We)D8zTUxdYz^BlqgGVK5CTZGhYMA?pGcqe=zS!Ez5SFAU4U*{~@jIQi#Gv$j0Ic7mC z>W{sTQ3Xr!%=BCY(m^FPY{%dtmhT;isQOLFZ`cCwtmVjP+J|#rd;|BWGQ1X8g5;H3 zk+|+K2FDiRof*Yw*n1pd3!0GHuotI4{~U8lR+=G+iDkUQg~xou5x;l`rq?!Me8wVFY(79a(uh3@@N#%P_Fw%B^V^PNVAe8hK6MF^YYw7_ z{oxz60KXiagUp3%@WPA*h+DNC32Sy>NLd>Jguv*O2>19Z1o3z4zCjo=w*jL|Hkfq) zs}G(=hUPspqWal{blgXlm)3L`!F8=zee4p_n~vhq(TNCNxeGD18!?>E_MV-E_rLiq z3bvoXoqkVQL;4qCl84G#~ZzOaw` zM3rK0%VDH8@5KwV2>K)zW=Kf-KrqW$y&H@7pF`iI<#>fM45F^ZuR93GSvh!TS_X0( zHenX~)-h=jb{sy1Jr_U5+rgz6o!@|jI_lT5Ry;(KGrMplHXOTv(G?r9c+V-E{rDPO z(v}$~WZf?ejwy{OZrz8#Ma@{S>y%kBe3wroQrGN8s1~C%?!xOc%aOeP5T5XlfMeWp zWHq*-OP?7CTD%ocPOpJg?*#lhuoBn4{u+hbkK>LZ1@KL(N5O{u$lZ7lW9F`)gQU~- zE`URyDAesdivbCxn6Pj=`*AOxm_%K#-E6iC2(I0RJH4VQpIU_0Z$@&{4*X(l4kMWw ztfAaODVNL*yYcg3bUGvonl3wq&rB?BhBoAiT)d6;vK2ltRhYYe7t%K#!pOoVJTWR0 zq08C``WbkBS_x9u9>ybMt5CD`5Rw{q;sxrkl?VIJF%~|tCCJ`<2;uB^ExLPlU@+c| zT#T7j>k(1E0b|mZAb}3??Wjex+h}6S9!8RjFntm2qF<0%_>|MU3v(Lw;ql=q7+SCr z!F09}#GZ!+(IJsgnV}{zbwwJA9h(_(MvlyIGkNHPFfLmxG>i3={ zu+GPwWc>XD=VIfzEAY=>iHMbLW}k>|WOUjc%|CxFiZ|^+|2c{H;{O2wsdb1UFilLY z#ER1&px1;*EZTe07*W>xeHfm;m~A3kamvQ@q7~S9@&fMcI|ULM1ahBK8SE*0z(#*{~BG-yV&cT_=#yxC8zfRapPQH3XG4V#CEx@b-i_ zbasirkZjfKC~W$KXef;SyJkCFeguZ0$NMJA4j5pHPaQ56{G&W2cxG9i>88mn^oW230ifPL6@7BtssT zSqX>tLXg{f6rt6ux90h}q`^778qLQ)#PgGiaro1(@Y3K=Os4V9-9(^Tx&ftI5984x zkz|F5WRH80zjVFXsq)o13otak6srzhz?k$}ge=&MX#~YFxroVSH8qAh9_ge{xf)KW)YcMA+~))N0(5Ada}&9Yv?@Q3nh@#Fb9$hxF%!C_G7H) za>|KhBw#KaNDdb7Ka1IOtFiymRrHRiBpAiesP%q9de1g{XE2w}_W?54u6#CgDV;b0%ycbwbnO0*Rb=WOoIdWDUKo$GJ z{@o~yD{MgR=H1W=Tr+&qI|!qzc461~57E8fBxKY#A)a8Aw0t`Pt2e-o&L@2S8bq&T zKQ7;epsY$nHJ!wcYk$DN*ix)JbQX66WD)@LVeeOjRdf_@5D=eb)U@r?Sv=N10?&*s z!PXBx#p9zBcpn)&opbHheRFglE7M7;ymY>!_;5jJ1>0>P#AXg+%d!x))W zwjD+Es(qM7GPC~38FcCwO3>ec`5X6=Q4@IkrNBL9wE^UZJtGa-8aa0jmK?u~XNJb& zXCqRv>cW>8M8{D~o9_^igZF~xWA%}b@$A%E9Q*haJU^Zw>ZYhOhjx&KO|7G^F`afJnonFd+w{&^xZbQZE!lP&vx}CaboWvCMHON>@4b&Y za3`av@Zx%GXIot2DzW!>G4Z=byAuE@^|MHlPMg)Sc0F~D%U9svr1Q!b?t-IvttOTnOJb- zLoC^J0xLFdN8dT=aE&X)%M-|q6sEewBD;A%#?fH4=;ZiEpJQhJBJ>F*|`WUU5;f3E)aZDaj$OzHtyPs$A;2@kvUm8=VDm)GR)t0gkX|j zR=qv$8wjhH74@`XLEBkI9Rza6IP?iF!IFa?;kAi*SkL=95P1F48&E|C-KF;g%q(4l zrTfm{#i^Busosvb8Zx6k2`C^No|9RDa^=y8vL?+sQT?Xp zlp$-=MOeKUfmtPuh+4jljBz1~n-BBa96U=vZrF4X1?#qBM8#TIJvRlusf<*b&SQM? z3S>8K!sLv3*m~|G{BmRpDh^)3b7L~mYjz=yp1+Jf(UtIvDZ#JDQ64l>GxqLZZH5P` zw;e{}!c}x4L99y-o*0sWMSCt_Ktu^P>_3HvCi6ZzI9obr?I*5x8a7^8*g%kU3@X8+ zV~cR`({C|4E)Omd^Y9jd`u;)bj9SPh*{{!09x=-ZvejEC_aqdo*@?+%g{a$g7@qO< z$X(Qm@P(TR^3fPaeO$1KI`d8>tTmsXpg6I7GZt>#1FN^DVZz*HSh#K<8uncv+aw`* zX%2j2N|C+g97fX_ZQHROVT??YwqC)?Lnld8*e>r96P0O((fWNS3~=|3tVSL6!0MGL z=;jhl5WIw6O=r}>=*q?^1k1J@z_)+=gV`z6>Wvw+#Sc(gzXqB z0P4L*L@AybkwW6I4vDK-&lhK+Uw9r??K_Pwbi!7i3(%3yelgpXSiS_|D|Vsh>>N~* zuvxu5jWQ3x5`LbYUVyo~&k$2G@ye6}tlN7UuTCt$+C!&s*ANYH(CO1|T_b9->F6cO zV+?E=MU=3wheT#$$Jq}tBXd3mglFTuDH(Wz?X2E*3`Hx}!LM+W*~h7L`ynJV;+;lD zZuJ&*;Md_uB{A8*Ya99nC82NpGCVUO-!e3%m#aS4-% zS@h_y1Xp6ir+>oCxeGC;vI#|-51P%0yi=CI-Zc(>DK$9zZ~u7Sqt!9 z;&QU+^(feU8t&nhSW0H_^q5pEp&w&hj@K@Lr{FiQ71QQ##L3UT!~=t?@mSPhlik}aT zN8&2Vd;MO#GkZQt_nw1WbU9_ix;w_RlgqH|!q<3Z;#_RH_!+t|f*M?~9?K6Lhd-mE zci2ab`%Yqf_DW1CXvF+oAG1x3XuI$+`b~<*d>YtDvd`e9ZHQXD9+T(Qqi{bBk?c*& z)3rx=F%30p`2mKw_1JLkV|4RPg>%9()Ev8tcLV2R-QkOHBj~;rT!{RJX5_TdLFrT) z=Xkt2D;srWNsjD?O{Xs*s&Ow3uM9`t{|r5+=OMl20LJ7j#ZWq~^`|~W?^%Udck~?Q zwVX!b`lE=e--tnEhkL*HBYsN8mc_is%v*(5r{q#TAEHmxLi7zQ#jCRyAd+GJyD`g* zBe!;nN3XyNY#=)vncs+C&#Xq#-t!ohzZy@Dnui?>+aH}+iu;FWU=pLpF5Yxn9@*xl zw)W<6Ph5d+1o=gW&SPqREncM4e=~GG`e!!5ZB7os^elXntI1YZn~0-t>PECuradQz z5xma9pFp11u!oFxKY=CEZ2GnG*abW_mid5f`~QRM5hN>H@rAO^6nteteY1!d-%hcS68aq#M=crSV> z?jT4mQXPWcw*bnTyeDW+wG+6{DJDA=_m8`|2>P_&8U&3%H9rrQ>A6d8tcMeWOhXE<@ zPg;%p{UY$l@GypOt1y|NV~-)(cx*@kLg%l-41)Wsvx?BsX%@P_=-TfqA>sYHqB8B>cF0?W+71KnMxVq#G}W>&2+OV=MF z1DssG3^R+C;%B3?(9wAoM&;GRi6Pt5lQS{Bya8j2n&F;MgP%_-gj4(?^D@iMB@C{~ zH5f2&9lCo*!HvK=y=onN3z|)6`q=19%&cs{q@ra6!X@Z9u!v!wWl>LOk0=aJUI6dp zg}7@#GKLn>=;p6LAF?EKAce+s-IDR-=yW)zt;7S2UVM{kpyS$}nNp0N;bm|nI}5B@ z1^@I#hP6F1FosNy1`$$*esOh}Qqct8tW|hobT(d|Q$of$7tb@w>77sq8_M2RQ}NuB z@z(5l7{&g6Bccu-iM3>5EO%TU+!7YykwIx@*TLt)>M*IY731@lnu7vt$&9sYrj~}k z7haCgibl*RTZ3OtFT#N2TI@P-gaEOSvLLghW9aM|gPG}dh-L^qG`S2f)6w2JA|B)B zuEn&{%@|0q=)!UzpHPCa70q~fNHX4=nT^Sn8!)tFJ?j4_Oc-k4d4jxKR}+HgOxbU@aVD@(F(7xN~SJeA5=Ai+eccRJ9;Y(Lry`p3-8pMEE6^;b)WQGa5<6 zV`QXL7OcaBigkEq&LX@SvjQQNt1&FC61MIMxX(8dQ`mp6hc86`q*_d6IRoglA0C;7 zz9I7|(<%a$wgL#pP)2PobP%>4d3-hnFH@IY!gW$lI(|tu{5Ew^`%6LM&K8*ty?6g)K{50k5!F{X4S zo*Ei!*&@K3AV%GArM)~ty?b&h`?PqenWj68pdU#+9GYE8f)I#jf~pZ(xenut8qi}z z4(1fpW5>ahMhE;-R+eI$oj7gDHopr5Yb6*!PXZ zbE7gbr*ti5&07QigbLit=+iTKIePS;M{rGsw))VE-iL;#8(EJjSc9P%OVNY!eROO- z##e1Hdw)MSXCd`J6R*uFgMTXJ<&utHOfE*>lvS|l7X(l0efWYV_{`l%OiChl)FO<} z4bEL*_L|pJRx@)&7hO$%moc5m3=^W~G?Ny?;?0rKGcw4zJPqFKOd9cxmJlcn)m+HgvbvlqAy|7mO zX?kMcSwsXxa6M?qnzOEHl$v+kkBX{&UsMl`N$W%x_ar(tmgC6ZUG-L< z^)OQ&`C0pyXyyU)*3>M`#a8{S`f64O^U^)N=fI|KFy%#g=yW8V_R>cu$HdVv*={W#Cscx*h*?)%jJBPtuAu}C?j^xu(b~t*%fJp``K1Vjggu7XNZ=w0CoC0Cj zXDVzQCtHkH3!?f3Qw~w+AHyhcb_pH0)wLf-m_sdkmYFF zDEr#1kaiA+eIM3AWq21-KZ}?rf7jLlnljgKHpz_k22sSUDX#1z&1O>nyHjo?I#zus z7pK`QFPzRmTNP+{ly;+iQKSp*(pUDqxyHJxe;rAlG}Y6C@{wNX#He18NLjQN6^+D; zSJ}Qke3t!cj>4m?H2W;8p%sDEE&PpnYI>&j@B%achx?wzRQ&WgNevX3m&NX?My z0QL<@mQ_#6jwH$~6x2Q}8gg?AVp%N5Og+3V$A6mXhg1@U9cC`F8myO|Y_R5(Yc8m! zAL-aNEvvWj(E=0+DwPTo&Hu`S;T( zNoSz>x&CCdG&r3oZdnOOA=6QqvQ-ZzEoe{&XaR;DuiI$h2ib{be+ZVPxxxzlv?Sdu zPS9Lsv65^mHi3%Ds9owzXZuqDO`EhlT&pcLPgV<52;i)TI@lblt2yFkZaK>`4j_ez zve9)N1Emv`1Qb*hft^m>HU_H~#bVGj5-kQXMs4b*{VgntBsr)~I$7OPH`ZGVT6m9{ zcdTmyMZaRpGwdHNJh73JG4rh3Wy1dgA(dyAg%bqyS<^;UH`QOVptGYjj~hed5`YXs#FIV73-~QTG(P%ADX(Uf0&2*Tyw4IXtbzA3r4gricXob*GpXg z3W7i$UY%XYuzQUKFwAxV>;v|ftzMu7ka6j3#6jA!K;=?)l+FLYz3%|ivO3fLrZIpf zn>Cwc^DCmUCPrg4*+df+DN=?hOaUWpWU=rT!|F5eKwKxO2TczJg9Ai=p$}C!xagbGO%Y^w@NqbfCLi} zm%;zkW>nr~v>U^Ep*z)y$Xx@3@~LE!LEPL-{wCYrK zeIVL?r?UpCTeWMEl_YpeKkJRss&}Mb?j#(sOf5WyWqak>r3Wg-VE9Te0dD3K`pe^@+c z3?gy$0iCFof-*5M#YTxx8OF5px< z6aO47sY8{{hGAsxrAtqbY?vM+l2NR99k7rp0iB{#1EpIX&|&)2P`%^#Oiy$Pz7~~< ztJ&xxv}acN(H)(X*1c1yvLpG#{>E-!7(R!?vTxmM1j~ zkNnS-qoqZ}!15G9SR>cTv_eYYI_;^>t)qexT(irlOGuBL>l0WwS-Ui;V|(P`T8XiDkXj)eQk zO$2MIAlRmq$1t6eReduaoig;4s;M3{_-H9af`ks3D9!BP91L_xbf`YklT5wat!N)h zQql~_gbszp_!2o#YA}~RbPXmN^fl<(K`NDp>Wg*7{G0S^Z7+|5O9tcBpr-neS;zC~ zM|Gh-qc)(EsUjie!-Nc#i6nE?E0LuA^lCTiQ>q)bDN5YhXKflbH4|ohl6=GTKL--q zSI+h+{V^(kwQ;+@R)e#(0}U1;S=A%sl)a^2X;9rTPiiA1KIKvESZP#wXgSY>0+Fzm zYnYD4Q8~Cu{Xtp-b?B)J{dV!UH#4D3cWp?t?CTLK5A_ifj!HS3qkqnBn{;HF zM7G*xBjF`>G9oyL>&U(I>6m&4)wKpWwpj^u=LIw6NvCXe8dd|1+O6{L4P+)vn2;i} zFC>?!Z&6rd|CD-d)7q-?loCAUJt+MB=yJp*6S*qgPOGs&N@^m>iKtDB9Z641CyiB5 zR;VQ;Qt4$-qhiIgV~fDU*%-W=)-${%11WuCgH+>_P7;$^N%)abBt#LRrm5Dr)EGH6 zCs9fYIWLW$CvZKzccoSFct__&zIJ+3o!!Vv9VOTPyDEwuiR5i32~7f3<*IS0!}C9p zl^Te`^b@P65Q`mwq$+7cCqFF?4OEOn`PShGuQQTt8HP9D1R9Atj|fxc#Ppi9BI!+p z?1iC0KtyR$f+SP=zba+~%SMfw`LY8clr-tbW(zD!k8~A}KU_6Nk*g7~h)t(drB`Gm z(gy$$>%X@suqo zZK_w5sZQn6jwEh3opbOFjiHoHGHpuo@CJ7OY=CyQM8WnM5jV{0S<=0ch|+Ec-@N>5 z!1D4Ls5{mR-FZ4yRM%b}Rqxi$=~g7@-4r7~g2EHQuzWcSi6BYa$xM?_Sw0#(RHm`g z;^-e_r9Z^lvV;=FL88}XF7b?$AxAKQ;X2iNtzHBy~#91=SO^UU=Jc;b3{7oteRPQ?8KaOSQ z^($S5ZmO=?@0v!l?^9?}{h0*JG=;M)BBG0JKr$5&Y)6_AXwa1^2!$z~JDSaSd5~ZA zL$ygifm@rDomWocCg~9h(*VH1D}n>))luRE^=*|C!!kc=?;Zl?K%eoA(i8DPN+F zga_>9UKJ#wmS#UG6{4grMM0F#OnrcngGh*tfq7`89SbC9>0CF7!aAIYD=?i?m>!XM zYi#Nq(vP8!!Ct&}be@ghTRKtP0@J}kK@y#a-i{8lY_%2{XrLmB5Pf)M9F1bMPRh>2 z&gOMUrG;f`?iD}N9LT#QD-wkW<(!0KjZtATos>dUPwHScMW-LrET?5BmZv(G1`$b# zip%pSA|v^kJ;PI4^&kC&a>^~z^#(eUhB|{0p9UhuE&UtpkjlRe=;~CgW9DBHvGS#I zRT^|bx73yDq_F88@rUIRjz~oHA+ySmg8@6a256I9Ng$S1KM{EY3CoI7z2%iNKS`Kj zB2nd;<>t-K=st<*O&o56iWg=cJ3MEQHeiUrv=rnGo_gAB#>j-yzl0LinZnWZUUB=& z%w{iEMDF^E zL4xUE*?Y@zN{8AY$&CZE1Rrn7$D1j8gP62HDr}{PZC-<}%3A%7^csS8 zl8+iyfKU~VpvEEcl7Eq-)*=~>HO%w>%dDxlq;%75VT7g*pfs_}L=t*8_xevyrP1H1 z;wK(he`{{+NRzlbni)f z3sdP=8vSMxlx8cE>=jm|Eyd|S#qCMx%E$Q*uXz0Ad9EB)wjvXir_739gs*qTXXM3p z$2g3P8UDHUV{YhP{lEqZfBES@Eze29w)8444VZdr@Ku{pJTfaS%A3kjb>hz-)8dtp zmv#}d)vfvQ$js8nFwdojevDu>0Q=*#{9BlMdIO}$(gYt1oB!G1NN^xh9HubK%1G`M z56j4Apk6vHeuib63v3qQm6`HxZAQc|$)53sOLc>m+blh52P!kK+`M+FciAgGg+sH1 zFbhXz$g(xH%Swmx;kEbrIOo@&HV^gfF9TdMkz0e;M#^S2$qZK;&BI%FY|Y4_4BNl}ng&Bph4sU$V1VD_JdKsqk= z8!!h;r~dm};`%gPN?8Ah#{OmJ_hKjy|H$_6W#r}WSsucrl*t$M_gU@(`MlKn`Foew zKM0pfr7_T#S9 z60}R7iSe8EqGv%Brf)t>|I&b$k0~`eCAR_#>fXYS9EbQ;LDwAoWWWUEu0M>lMcZ&| z-1C@Odk6_*W@GS_MaWsc6TUXtsNQh`zvxwhq!$)o@~)Fe$eoWZZ+wh9x{pHd@)el0 z^$6NLGZyQPe}FstPs2+GPhs?&RakZCByLU^gx#kcZs|G#g$q`ruzDjB^OxYN&V?90ZwvAkZ$gi8)d*>ugN~V1h{@-B z)Mz|DaTR{}XaRowbOkz%TZ6>xc_is~@T^q5uH=BwcQmd`c>(>aHsiX~v3PFAYW$@8 z2n?ON0>c(Iq+FEbY)oSA#7sus= zG}6TbvH8%25}qz*eJHB;VZ_0~!J#4GlGn&7$=U_Bv0ADqv3;KUnjF%30{_co1Va#_ zFVh{;5vm<2x)okWvD=RzfznS0l4$!J)63zDqI9plsk&hIzF*^+{3)n@^*BQLza7)> zn1)atac-^kc%8I+4xx68oPM>xxE<}H`IP^TrTC||46CKSPSZ}u;5!UQm>rGJ^7gjI zEPhtaM|KgiQIOr=xA#qNxI8uK6S7}w~rT+bPEukGy%S( ziMFk-k@nnbi%){CzS2E{@>fK+qwQdaZ3D6c1tegSeeBRl$XL9YZWvGW1T>1uN8@N6 zpV$6jZKu-5R!P#@-lf9=`3TXL#?ECXX@9*#DVpjqf%eX7`;xYL*%mF%8WOc1TOT>K zTV;$LE7z&Wz!p6R2M31+gD-{1bxMmwsJ)}1x_DU!M@XzXL~)f)OljRYp~&`(N`a1a zCrFc?PZlJ0Pk3PBiehXGU-lxO6%`fu|3VqPq2JCI5;?5 zuDE0(_v8HLc`bYR?R2702OZ?*96^de^&T*LoA5oee_6x)lVr8Y- z0{@=mD!QnE;mqp}%J3fs(MZf_Pc5rZTaQIYw z^+fLA;NakJNpM8&;NalUz~PA8!NI|yfx{8GgM))Z1BWAW2L}g-1`bE$4h{|uUj@Fz z?aq$K9UK}ebS<22w$Uv+H0x{yVJDS!`;T2tqRSq>TG)jay2U3^2l#Yga5S34==wVy z2+T)#d^Yo(UT`-{wDT=)Cbq$|Rc{c>ug($l4oKL$@ zLzmqYL${^r^7p_6A3@6^7#xv1I5b4ClP69edXb7-Q-@8UjKSUSOVC795x&5~Qv~$_Di=RUrj-{a~9@Q96A%i{Sq)NswPP9%kAe8qO!v*@9_o{~U?udH5ue$4|72uyvw_unpW#0hs@DRIa!S~Q$zCXjXGY>7(JUpaw z?b(%vpu!CspJ7{fkNFy3lznB0i6_m}e~|b;_HMp;eoZKBER1 zFK$E@!^={hXT5}xvsU@b;POZ2%(cj5on_8gL-QJpn6(kZsy5>J*_$zJ<`(oRoR7v@ zlHy<&v^*|`BXS3a1_rH%Ka!432TtPH`)4tC>j5mPJ&d{APhifD)0nyabyRIXiP_su zU>?nLwx7bBZKp81_9We$CiqTs70vojcHaN5@%h?$v)?Y@C*Vf!7y6;uAJ1(1pX2uv zFwbK=^J|Y`%Fa`mR`(hfY&nKM{_aocJ8m9)?S_)XbI>G4>*N>Zvp%B7ph<@jIPk_h zc=ff@sM=VE`LFE5g4+F9@XCJ7edQqLy>b8xw$iQvVBuD#oAsvW!kT@UPrF4myD@9i z9&A2z3h$o%7}q3`$eHh;<#90_kvljvFo?+8W?;>}6G*A7K`8s@_xqHgS+5FQn_7wQ zrcB0-y(i-Ol<~wwH0xQ88+%ov8Q-th({FCBce-zuJQ2QjzJNfWSc_v;ui zaWM&KsHvF_kNq6=(J^`WT8A|3Ir#=Urj^5YUmy6|4<*tVhVCRF;XRT=3~v}{MNVy< zOJwq$>2FOtEwTJ;5PsZ$0uH|U9=_Ryd2&SV;BbXP%M5KtV)gE$=s9gS?tXd(9)5N_ z?&>p^Brp+o448^L`&HnF{VQ?TfJ*#G&wdkeXa5Q_-z__u@2Y3Mi|zw%eq{gC+}H1i z{{K3RNwf?2;r}wz&z*hCEp9Jf?|=Efv(FU#xX*MvIAARP^@&NSKKLg3j$cXglDg>< zgvCjdX^^}c^5Bcry#Zsf?c_U%&zVc|OSg}m;o6-OljYy#K{v5^4FWz>$*mj7N?D(! zrgpnYOuCW#FP@u@qi5d1w>mqC+`-|>g%SA(Y}s`X{ip80?R_W}cPmEYZZ9IV+Z_0k zNs!6a@b#p`E9gDh{|uPxKLbcvLOUYxpCMrO|98$TKYllQUf|~xD((d+6)k-4CozY6T;G7tHmV-C2__oKdDq2GM|zw>@CbblfKI*tIsbOBC$0YW(V zgv6C0G+_)PV#%{@i}CZJb8*;+oD#buatDVi6h`FfczMrZq|P{m+xpEy^WGH*?=}+= zJ?Fufx*VaY)d){rf{^4z2;sXB)@unuQx+4|9%v5hxybB%$xGquJe%Y)4Zeh#@O58^ zMkyrBq!;1qwh$pb_?}Q{Pq`1VFz7#ZF~Vdfu`5m?Oi#sA&)g(s9vYF%@9i@gH}tB& zy8W-?xv?B{wChIq*LrLAXX$r-*2VED}*uL}lB5$XR%94buI6`#MOhTEtwaaEY6(BT`ekd*5 zT?lcsBSLi3nCx^BjkZ=M(7lBz|8!>;)X=OrZI3t+uXst?c9~5+XA{~osta)PNakLc zVR1Q3e+hnej>w%v?%;6c!q&*sv2M>%^qpRZ+ezZrr;^l2$|0%CNU|Q$hNS3yDM3QN z0G^#B@Q4)p={6sYk{9C1>cc4AegbK0PvYACi*ZfYNf@wbFK*3TW9#mP%Xi@3k?Y{= zx}1Z>Du%Hb;mPwz+9Y~^co)WV-cEx`XwQYXcR&T2Cs$z2{BXML%i zA|*ZR|G08u9Q~23wQQnGa5~aYGzp&nHHyhWSbNSGq8TqGdtWrusta)xM=Z%cLF7-u z?^NbpiqkF|zZ^Unhu(Y_|Kirj9UQJ;_=$WyiM-#`THOA4Ihv=4$g4@PEBq3(NR)(2 zGWU_VKMkQh79qU*0+erg9Xnq;jUlsM#!GvTW8=~Hap%BU*nIX67%+V;rfu4f)kogN zb-gLACvSkS_eO*!FEAqaanJ}B_IXHhXL=adJp(JzETs~w54??Ek6lD=5rG$zG(YcS z=L?94&c>@J&mcaRakj~}Q>{jd@g!+&Uu>I$vQ1}j^8I(wZ|r0oJ9`!*CUCI$`Lnpb zM?VOLByXg*Jl0K#EZ*&=l z>mDn>ZQau_r|uvMme-+aM;%5gL?or{e@V!}w<$Sa-#s5!$Bu-r14*8P!c9H%aZTa` z4i=+u?W1Yn$R3~RFlj}l)=KS2c^Z9a*`M0?k6kItk-0$qC|e_ zL_YdLB7YV#^yuEkiUEr zo-MD&|NY}%FtPRo?jJcBGdI;>!=A%PUsi{2_b9^7GiNbw-99`waW+2s?I(EqgAZ}< zGqd1pJsLN38HTO<4`JKU)7X9bEtFJm!PjFlP`-XIj+{7-n$z!~#qbv~>E&JMK5;$T z=gj2*b{uy+QHIKW@1n)va)h<}HNrb-U??V$GcWCO{1W+lj>sJxu4vRJ^6A_013!`5 zN5?NjC3To*Ae4^k*kk0UXpey3B30j zO5%$Vkv!kx^QEo~5_Ww^BCqC*VIh9pzZ}>1n)Ia*dFaJN-gYELuh@h4-g_S(eDnz> ztlEjMQ{p}J;U_3sycRF-+Kc&{j$n1oer&9(#r=beaZA@M?4k7glcy?ibz%vgD4T&9 zt6rwvZ_xVJWwuZM&S$0}^p^usd*BqtuiTD^4q5QE&%sS3^4CB49WrLGN3Z-Umf?p; zE?$W3C*Q#xoimVCU5l*;52L(l5%OPt6%${o#h+Q0!zVAs(!;0m-Gt!??Kl{rvDwUr zcCZv#xDO7h#1SWvJ2+h7xR}Tv*B1xb7X8uy&TxK=RE)j`5O52eM3JY^B?>976m z6_iZBY$7M&waY{P#&JE{i|6wvqxRrYT+?Gb!!E&!qh~Rs zdLMibkAN>K1J`xQMD6?kjTV{n@j%)fY&i2Vo}0V^YxbRj@18;EUa%C$-+CL}^QL3{ z=?}1>b{Ce`)S>R=>nK>V1K}Mq5E@Ss*N0M-tF|Jx&&ET8%5n4ziM+ETatDVi7xmZ3 zr)|UcN#x$g&c$Dl$VsxvOA+3+3Pa}C;lSDd!kpSuIP}3M7`5ss{x!7~DXIpJ$M?yDddz@?13SF^h3g8vh(353G@g^jL^{w6vm+onOitd3_?Mn>J~f zyzw~J>^%YB{R2?>%2BM}e*#;!?ZNu3uVT#7T6CIRgCWc6uz1x5oOtU4+&`ooOHRLs z>D!KA!txz>X<05kAqg^IiI3jm&_+Nl}5_!Mr9+5Y)<%W#nQ@$7BiB|)Z;kxRSz5W6$U|Z>aNkqKX#Y$xBHLu(hF+C;WaJdw)_V-P zb9T|SaH;8cc_e)*QcD)${{Drys?}4t``HR~EM9@zx)&inYbH94sm24tDsWS;QFw6h zWHjwUl8w#BO+7QvXY^Ful2S&AJP%D03-CbtJY1VR4&UujjE6GkBBIl1-1$T)o*26n z?Q-WZ?PUmwDnP3t6YztlCgB^2CFqzj1K;gN0*|Ex-lc>Rc`;`frT&kdnRsAOgwPM$4;%0U#~Ut9y+8$3A`r>(hlj6V0)5G4J7uU&lQO5xq#9<{rze^d`YxV zn2WIPbL@bT@6lDZ-7vD-EJ}_frpHL4skG}wx5>-sZochCIUi2|f$#(GOdBQgyZTPx zpc5c++I?XnfAbuX%g;F?x2=dI#|{jy%`il2i=p1zk-Iw5jgIiQ)UFafNqV-=yhARU zYDwmiESl*yI+yRy(|-;@yC|C5Yrx1xL_DSEDETAkE?nCT6<=FEV;Fu%`OP39Gp!_f z)AVS|KZR(lw6#fRSj=N=Im5_Ac>638IMbLg##H(?R{mlb28sL^&rQVvJEBj2j>sJx zu29&4pfqgQeHeYJj^dWy({Nw%NZguQhMOLrL`iZ2ZhU+yZcd$mTOOZ+8&hf5dkSvg z^JdzAFLg5A(3~Q-lj*Jk%^#nMX1%L$bMHyGrO!0FnS@(=SK_)}GiWyjcO;kK_TCfm zJxZU=pO}qik5`%BTT{w$Gl^N@eUD~6Ek4F`qvD}o#dm88?URep?)g$Q>oXh6_PmFI zW9O29au50)Bnh)gRFHhu zM_dsiWAm~9=y603BBA~)4Zc>CoLiIZq>H`9bCiOI5}5?0>2uG(dwu(0?-wK3f1l;P zK7zRk`1PYDrR|oqm$EF)6dsf!E#~8wnfP(vLL7YkZAat|4p%fpwt}1J5sh6@!WN*?aIGAN>yokDJeY3`0cxC^Vsj8#J#0P^ylIDa7$N{~ar~ z)FExkOURzJ9yzl%5bOEA1{qcBky*8g*j(=!c&~3C?EPW{`|q>d*GDin0Xr{@>{%O$ zwaA#gn&x%Low){Cvo~N6?WeBUhPOZb2;c1Nh}^;9%7v}NX5*>Jt1+YQ1g6#<$CB*_ z@zS>4SY5jlE4S^%!X1Y&zwRiOY&(o)JBaOvv1G>)&&+pWsmyv_U_OGSemAoB{2V%G zHaGRdpnES2zngPmcxL^#lId8xbq}hUzWKWjqPp%Nme%Y;>t~DM>o6Rlok|fFM@cU5@{sCm38~EY}-C8XP#Hp9l|Q+b@8hwu<+I6Sn=xq27y&O_TeSwW6`Tj zd)*Ps!?N0asM>iLi*_DG>7vcJN*7DSFz-Rj5Wm8&~Nk_;-1DVg~7>43uo?9|ZD>{pHqzb@tF8mJRJxKGIdL0b7c`f|bX`U^zP?cW`Kc&~5ow#SBLyDR7F{ zhdAxtAi98A2qfN*iG!!;IHQP3>SIsVm>Qfj*99aap4nAyQ+jT`x(@w=_6L z7b4O=ppIafk;G$JKKl3>tQ>;D5xIjyLj;K|VFF2DEIWQ42|(ASrK4#~8X{ve5f+UOOzlT4>ishzL7T7bujP(y6aUWguM31|sJK9Z@F{2hC>y+DW1
}zkr1Uq z*3`)IU0M*OI#%jp8v>*fR~JhpNm-Wklb5o-iVzv6`Xk@QGG8_z2P=ypa76Cl&@d53 zk`B=}Ig)ylm<*D3u5Eh@rCHnNwEx*iPrAOpLWCr6P>CmT$7P@~)2aJ8ui~I%`olSk z2#L>TnzMrDF@TUxW6&ga1P6tYo?X%;`YBn7ODFZCekcPU6P(8 zKa#;$4O`|ZGs!$6j)dKX1lCz;mBd*{A|p|2JveAS10eb7G6+3Q`Yy%SqDOE*$fVyw zmIWnslVC-Bmp?R!NeypAC*~n~7zbq%d%OmxQD_{ShLBh-6FG_8!QqOB5w)$Os?*C( z?;=hiKmsDZuNq#uJhEn*ZH-*;{`VwQy`Rrpa44KWnEFOA%4QyRJYQk|e}!>*Ky{~C zMu;6i^75ekg|K|249qisf&4fkcW}6p5Rm$U{dc+G%SvCvA?{Dd`GM(tx%>_JazyUn z;NZ}};fUP9!NH+{!x6cIgM&i@ha++a2M31+j?W|Vv==wRcdw4aW;!@HI5=F6_}NhW z{F!MYZsTqJ&J#JY?a&(-HKzvoi?^e|!NI}7;j+W1d0R1W^FjRiPk%J}*6$pV|M}0l zUG6-?yPx~HpZmGr<@@{7AOGNg3lKSfe=#!uGydY>;NalU01yzof&T}pSNsAvzd5G> O00002<{LTmcP-JB!)ZV>=bA3DaLHzW#R~%?Me>=drs!5Bz ztD7M{dTYR2i7JY|d)Juo1!ns3t^L_aM)$1;>fnDH+^Ay(;N3gjN?8d}4KJg!T!d6j z$=e$uc+ue;s)N%=-g0(233v@`74!&dL>bg%&I*%v5|T8K9L{gNkenv!563(^firD^ zke&@8UqX9y`0V4BTc5UzT77rMGuJAIrAq3B9VmFxejxO7dQJ|pQ>y8Fi7c1@qgytw ztEGs@?;Utf%c%zIg|f9W#q0tnc~C+Osi2R}0~B0qvs48qO;Dv#X@)}ht$|iCOK)#P z@%{Vv@m}9N7OS;qX_fO}`WzPv)yxZu;v&LjeEB$%|QJzug+ut7pMB@JqivAB9 z)zAgb!j0`M?A|j5x`@ajo#zY%m(yzl4mz!eaK{k<+3G>|u@Wj}}N*rtyB1ZMM z@$LshPv{%f{@BJvK~HcX@)@ycs#-|k_e5}gAoe(|E8l5w)C+P#pr?oiu(Y3DU44rt6 zkU$!K-5(HbLer&3=GK&*k&_j;#O&1mFiolTY~$$`b9qLr;RVDiZBdEbo<(y0V1Z-4 z&Wz$I^vSX(bah;e^~m8Joni_mvk4Y=Vgdrm$Ms?sx{Y6@{LDh%|(y3+pBt&dpN|noL2*>$4W5 z>pjeas#mU1R&$zE()4UH-NIUWZ*LakZm$v4%^#M1J>|BUY~rH?6F@IxP_$h@SJ4wFa&h$?cBa?uC8mRO5GI621!fmL>?^Y-49PddxbG3;3WG zd4AJ-%2<~hWgs$hm)kD3A{8>io$Cn-D*hC8CPWE^XH{a$6n5Dm@qm1xVRp?_?d#1U z?Vg`xbkqMK-xlCFD&Bcqlc7yyLFD-g@Z`<}$bOV`qwK{3#N{%|-{SLCG4pO)$OP0x z(!0JNe-Nz0IbcoNyKdCl7kAG8xm1(%GlU__%a4H^ zWjIr_#4W2vjM;j?M-Rhjp^Fl0Um%_*QQg{-ZF4kjp&V;@UA8kqfQ}KCy3}>rg4%RS zJ?x4M{U-!p>e+-&HdJCoCvOC}hU^Eo%NjddsJAbq8kK=U&m485=#uF$y6=31`Bklb zjbsrHbuIg^iXo|-N8Y?c`Q@L0yhpS_uL)7cR|1?zvfIRRY`FO#H5h{hQCivrNA~gG zmyr}^@1;7O?!}k^wdF=&EX45DN;^*&zj0!OWyiW)X8ANUAwyDb%WJ)n3lrVxTI5U! zOh_7u-j_kjK_=kUAo#jSN*ChYxgKG@vZ}3P1T>@Q zJ)qKBZ~oq8KR=PnWt4k=v<$TTatq{~Kx^v%(z+&2SmbMkXKJ9~UV>uSJnc}!xePI} zy)`z=TxxU;f= zqm!n76MV?;8RPz|eMSgFmR}Y3*nDM~&^+Y8@dl!kDJhh1FUxk*4BWz7=iYhU;5vI4 zmtuP!VZ1RqeRz6-ysmOEG`{#i>`L`}H{MsTTQ$;vPfTb1dA9hJwoSf2v9v@nd8~t` zcl6V?VHVYwO6r33e@YP;GmCOg`lhdZ9d?BAq+z*K7X3r@AK?Uk=--G{oVxG+AUjn=eg ztk1fw89$lDXIMy%b0`&8XP(^Z?C|QJc1I7Im$0tY2YS|^=(lgt%I9Ikv~5_WEI)ml zWOpuwsy*p)i9VFgK|&%`QX$`#)`*gM83NIK%cj3&7qp6c&3Bg{ z4gG@3qzaOgi|@V7qZzD*r}=lA4%|YTL&}B?vGumPV>h@;X#H_^!^Suoz-hW9%9!Lw`5ci& z=c_j?!MI|*pQydxXm!D+#>y`c=PEJcD#>?)z|v;Rl+b`zBB15pv?7gQ730URy!9iu z+`fURDmFElz*L(FRSG3d;(8@ogA?!EmMl)!oJ=-}MsQ^bDS&ShT+8W{39jOsFtX!b zXpQOeEBSy2Ak2j0j(lLV7^8=ZaKc-aYjwY`wPr0L1AnK7I=njkDLZBN&$(=$I~ zOtSGzdM#Izl4Wyi+aQX+YwkSS&ZS)Q)o6`r^>b`_8vV@A&N{qh3e(dD2-!p@=!COu zS~|MtUQFDxEYSq!({GZfRkaoFmk6kI4|xWsoe;dRaSXCne%*x1dDn0DuDC1_SXnXjpkghrd0{-W*f3dDqHLD8Hab8Ov}BO} z5~c~N>&4K#@`9Ie@7O!vVxAWdB4E45+tv5Fm%kS9-0HLYPDr70FjvQ>K|izF^Ry*> zP*R4nrrI|C^0i(iB4XA5keLZN`S4eFfB6?&hnJZ=9A_y&K&H$Wrq}+16tlZXWBB)( zj(7wd()p?NT>%kYVFBi6jg+$v>DPYTUF}dAeP;Ow#)Dd_YE}pD+g}~y+hiRREXoPm zF5ie+2Sz54hRkZVt)gzSI@ZS7D}x61&nc_@<63gbCj~vVF;#5d zlMTJY@T2;0toM&B>t(G?TRMs9OEY}+?g+AL=l+6?aIpZv=|{ld;K=<4xpdelFfkW^ zHHin76F?dq+p}aC9#P}d84B$w-i6nv;^$d-c{oz$S-sEO`$)d+L$Ej>qeLj3NC=G^+05)f$&RuD-`X zO!02-7`TH=-5xl0`W}N5@X{PfPI)CSc_6<)epN&QSw+^}rAx)=r?2gjFwtp6ce>Ek zubHixUN#PGmKDF(x2P=djwxc`A1WtB8YA?8?)KK)F!tbW&?kKYw&J(WYsLKTRNVOC zZ{^r%#L2aWG(IQoEVevdTA&vLZw_A}rrlkfao+GAD3trvT{vkf#yyAW=jQQ|mk*_6 zS!9;TL9%Hl)TLU6RZ>aNQBaOro)De>juQLK(MsOCB@J`G82bA`-(O-t<|nYHxZf+g z*+n~6CMm8nvFMOndV&FkL)sKZn%TGDn#9y$PHCpKl?%Q7s$YPyl5(Ngc)(cg^C5j0 z8zEZi!Mo%Ekk1Nr{5WwXe`a}~iU#JFp`tC*%#*f;oLQo1eiFx(CHQJl+)l7d&9-AL zSmp=?UKH|~xP||8C%^)uA&xct_dC=Z2O3)$6^NPlI0ea%NDz7p=QxNrt~UI>d5t0D zVq2vi*!_S%Xu&6>PD^6B#^Vl60c6tEZ(DQ-tIIi*Z za}s2oeO2v7cKm}zFK+2Qn*n8ln=USPYeZM`-PLZ&jNFS6XA1W1rFa=1IIK{KIUHFq zNtx%pjR0Wh&$EHww(5Mf)BEOazni7?2+K*F!QV4wLUs@`@o+NHve-@*%KcLF@~&74 zlbCIweDZSVT1gEMB5$K(>kFp1gwaR<*0_PSg&OZyx-EUA6SE{AOWlcCSvc0{K)3Lz z@|tb?(ZX-zZS#y9?uC);C>$$I>6CkSiC7%*J13>>@*Y{QL>#k2E-Ih}nb6A8QvJY& z?31`FKQ3yrZeumm)Ddw-+F>cm+`o7@KR(<#({%@t z1wIIObzO$~r*xciZhe&&zoV1rl~wj|N&d%xohl`paf~flJYfhBM)z~6(W{EPB1_9 z$T=TaH|&G;MFJ|7Q#8G`m4LIAMx=F9kAt~HCzHxlXc}JK`o)amZ$~B{JuQMS;;vmq6 zzb~>-CSq-SJa_6S@;K3=leJ-qKcM;XIYaNL9-^C3Nn{V2$n|IqKTBLCGM;I%-+A7! znUJenH!rLQ+~2)E3HuggGP~AjC3Ll=9SiJ0c9dC}9?0#I7PF%r&t}MKvw-cOn zh$tH~4A`V+`QvWn#+Ce#h!(W82VN$(h34gw54`9&w`MoYKvt77()bwwtUq7OppUEH zqQ@@T84BZ~>xciP-KIn50_OQPZuZz3t?`GSi5@gj>7#T{JoE`lhi_Uh0&bx^b&Dch z($KHaf2D<~UGqPkqziM@W_fL|UF~b<@;rqKdQ0zh*j{&DvsONmiRdEC$mIrKwd#Ci z=-_)!Z`U;XwIo<0rnYsd>RTYiQF<-3K)c9J*2^ioY~Vh!PWZfIuQ$xz*@nDFDN zCNUHAn8;+B;Ik#(qk@~I%h^hLN;b*?y4V3Ti~u3)o>_(_g+{RiNe{`mIrdWYglrUE zbd6iJ5c5k8KRnqc_=dru8zlu4$@h4i-y%-cC+XC>N?+jVHfEDo^e@>CbWoB~^()4h zc$Iy9E0(bOzm~!s;ibAj-47{K?SMYA`80vAfD#G|7w;R@+spRv%WC@*=PFV-vw_S5 zn3q@C(`j1hXK74a+(2~B1*=Du57vB3C#L} z_FrN?vdj17jBEhER1B4pU)T_DLibD2d)IL#-tF>hIr-qmgIwM#X$`4VDr*&^;l3=q zS1EM$>#5nm%5H&Dj={G{_25Sw*K)f6S)~G*+DrGT3|q^80TlDNi(w@qWh(Qo^h$Es z4W5rm+!7Iq2?IU;--`jkUn{!PMcju}Ge9ket{a6I30U}#ankqto3 z&IezGn%eHKqeew}w&Oq)O6OOkmxUrS`Bq~Cp6>$2@$Nn&$WjTHOf(Gv$x-t}>pEv7 z{Mc?|$0==pF?=rbvx&kNJUi?`OqHf4I+6qrae|_Sn%}drm4?8qQ^P{;iurc4?)EGU z8X;oFe1{LFjMRG8|TN^1tL%i4SDrxR4w75#77Y zY`c5V*~?|^)peYQcy1$mHG8cmDh>7QGvz*QrF^aSH|i1+D{>HsobQp?GWmzB8qeujTW`M-&bmAu;)LZ5FT^Lc!}P{t zUMS%?l!bp)TVxF;9k1<*L^DfA3Sbnu$esKLlPJW@^1u8q-1)~X`Tt=KRnpYMkCARB zCW`oyqmcgq4;8L7W+vyXUP-+L6Z@Z;>aUwK^!(p$RWB}J>}Mhe34=LT{e!!Vqbh-L zfxMU-o4eGmgs-;G%z+!3w`==1y)4hgjn%c6e{cfEh8(rxCFHkt`r$4gY_J3)?mLuX z@0kGfM(U8(!~wzTY93FJ|CNyG=V*^ab@1M+vy{j2jG1-MY8_fK+`S znSBv>V=;Xz{s#xY$e9!usxw7UWAjysTXTRt9< zNqGi|S&H_B%j>G0?W^7e$UVt+=E<#^1R6?SjQWw+CBX`K%_%Kz%11+@cBeLjAIJ2$ z^_MSC9#fsd(6E+Eo-0Y;Mc?Kg!5x9@p+D+!dr!ZYFxD0RzF0Utb6=hm8GkiQrJDOk zW-i71c9rNaqed?Vz;=Zp>FywxNDxT(8=3xgCQ`p=-;KE z5B@f|qr8?Qaw4_C*&9acJUaOF+MS|PHZ-X8M+P_VgpXEQVET|dPm7uCQFE=mJ{@sP z5npC@@F>Gcb#qLb=Vj%&X@}6J7&p*7!|5=5g1MB~{TXmldH%vv+FcRRZpUymY;gsJ zV|ZBpe#Ar?KX$c{?>3zj$h|~*qO?HzLx8>2I=U0uz85)4kV2C_S^-m=kD5nATxF|J zEHxlw<O;V~TBS`ov)^yKmWgrLt8Hqf}l(3y~L zxA_}n$CM3XfUenfEwS9fogW@2%Td+jq<+}F%s3;FB{`mIi_r5=I`Rb;RadK9s!9*C zc|3hSscEmV-5#{!D*v+k=LA|sbvDAcS96qz6YxqIhwLJ2R2Jq0Sn`>&;g0$gN$3ivO-pZjBFsIiYwm(1Pwf7MeeRLpfnsaQEN#FKjWxy;+cr)63Cq1M6ji zhD9Y7?nTm9lj!f7tGHBJx+vqZL|YO1ijCnu@zq;QH0D}qikb{+s5`$YR`-1JG>63f zziZ>?IOo>5jBbg_gTt_*fg;;g`Q24yp366CY`zDBM@D!n8f5nNQuRv{`LgK7Mj0G_0zz>kOwL zltsV2T&%SwyiH=8S&IB4P%(n}uG6aR^hmBxDxb!P_MB&GL3v5~ZAwI!M$E)}wW;d~ zdD0y-i0e3O|9*S;1ne|E+bdZO0QvA6=5i0as6vFK04p9a!t8dJj4evDup!3ECZht# zmX&=go^Y1KMbtl|-)1YmUOe5kxA;VTZV{U29b-x(e95H}2!k0s5YId|D2P0YTQbP& z+bN%WNN$}I$&&1(pWqH_5^~O;s}dRVav91tnMY2BPcvA<#k)n*I~x{`F&ay{lWv)8 zMY^WnmsDNp$yO%B_9b4V^%Yvx4QA3uttnHu7$&Kmce;oH#_}G9gyb|;`tb_Ymq35ZDkQWiv@)gcU{oa_ z5Gpj}Q7&IGp|oXdMvOU!fPSw$ax!jURZzjnla5+)+YY%H4VwnMpIeIl(AMGAu)n#q z8`Ihqp}0xBY2=tA$SnDrLBdY~Vz(y1lKkvscU%)W)*dDEAi>ZuGoj7GFlVEdGhXen z=B%>_gz`!`<{`dP=&s?(B&8?949gvwA*uDcM7>R$7s@R@YP9W4WpUS9M)~ti{F2v1vW^xwVRU#-vWR9D89s*r2%GEYQHJv9hEPe;2fT+h8J?2p zIuI8HErn|;e*r_FS%}!h(HAM|o4OQl;zx1o;?gm1y)`s9~H~`Wi0NN7GrACZ!t}=Qwb3 zb-Z^;h=0F;afYpoG5*tK556#%xLvg&qpKGD?{r17>OPHE5ebZhLEsD%NBR+Yd<~E? zyR3{-s0x{>YOA)5yTmHX8Xf+OA78U3 z4&NM!Ny92f@bM>zQn+L|6R30gteMfFK^9WV%udZ?0;Wo1-%&Qw<|8h-+(%gGj#bw5 zL0Lk@|F}Iiu94J_iQZt$gE^Mdp`3(~P9AY{5QL0xBL+nod8&L+Fum^?x=O)Sf(SS3aO^IWm%B#feqT}VysLb*W~D2yPa4EFwPePUwE8;S{Gzk4146Z_A7S< z!~YxJ`f(^%P0umQq?Xt0Qf_Ey5gPs=ZlBEj`zM)l8|E9uY6tV5iY0xQF5aT2^pZbv zQW-uN0z@&&#QF)szZe}8!>VGDUPp!nIa^b^33xlr^6@5xrbIP zw@kIaB~4n-Gs(&iSKJ)<3b&I2KJ#AcziEhnE zTc|G`9GEnAYq>P3cr*GS`w%91o~npSC%#m8yw3|Ja*U_1z>-W9l=ONiJw!|ZJw(*} z>!m#CW>iLWfmY=PB#6uXB6T*q;)SjjuD@bp^wJND=42f6mNWGf`rcLMUMEs|)jR+^ z`<@D<@Yt9(1>%b2Y(n>4A&j0E?>ML7pSd9CWpVP!BpZjKtB&Y>2&Y3XYO;2)6le8dCi2yUtFM>>c?^`fW zN*Sg~KKiT+nbOxzbAL&VyrXqD6E0WVb#(mNU+zhof^#1k8G@BUE_2{zd=CgG6Y7Tv zxo#-1i)uZ%^(BJ>4bmI(x%EmC^e4MV1z^rVm5b%XTyZj)J$96L4bW;RUSZhCJ*dd2w7F6~*~>tJWoM$DViH^0}%jfXwAyGjEJvu9EoS_om2^5nJ+fS?j>v`vFR-l34bBde%pD zS?{913{Ae-G@}PyU2IOp!3_O1j2rqImSmBMNoSTA!n?fR;7^|3_q?X3+Gv%!`{yj1Z zW9YbEv|Du$h1nRGi&@r!>?<8c^Qn{>P6415pqcO?2Hr7An$t2GruY2K3 z!?sU1lV6Q5jp}E7EGzqgHPVlMhr)oK$Nn#&!yM_GdAP5fR#V?ET*(NcGOi!uAe^^# z=a)h*|N0{EyfS>9t2YA2^G8c`d&uZ$;Pi zv-GT>_CD{1LS`R3g2N5o1Ty&(rUxF?jB zwp3dl9x<4a&seu*t)3Q8hob8~-fA&O@*q)MuH@-6pVK14;kQH;z14s$$O5+D;B>UYW^HS`mgx9@DviI9!=mJ_T1|^jP1U+@AmAxCi+P#w50zKnl73wbiXKcTq$h`*zF4N5dU2^#xUAlI8!yPFXDXaKhS7l% z7@2AzPo3pR9X)dro}HmzmUYY(s0`dlE*i8KiO()d+AnAn^sGw|Y)Ue(9kSVNPYcsi zYAyR{&i6v?Pn7o*PVcb)_5w1eE5)LnBuRCoQ#>~tn&ops)K(h2I^hn zoLJ#$k$@3I+f%-6B9@@u`MOXGQ8_LuUkg8AL;b!@8{498rR$P>CS$&r>JKqa6N=f=mYR?0F^fw^g5dq3 z_%oym*$ZT3Wn>niD(ZJZ<0wdSA+bL@@W!UQfKCd6-VZ4TW9Cg91cr@%WRs)K<^%Ta z-F+qs%DPIV-iv;`2GM=JC!A!@ts-Szu7$+Sr{+5|7XqVyu^C9r9@1Ypl_>x z3)@HP2d5yn%N=ri+SZ_YYu~-q<2Uj~g_Rbiin@I}My`qk{!Ut+LUYeQ@wx8T1vP}q ze-{3o8);}H?p<;^{#4zwRjvS?F!V5EAW-X`^j(zHQ0ks+St-u*&W?+VVtat*%$c-*L{tcN8NY3-}2bd@x`&a8W6b^1kG%H6B>Fr8*~9z($n-qk+x{ zMt#lG{fe)#m5yA}FXwA_y0C{p8?iS=~IK zhkv&1^qUNhRyydp)-B^9pg^2+_nIT*4A)xG&qh1Fh^G(aRQ<<3nBQ+;VmJv;I(CVq zeG1L=uSjT0nvhaogU=;tq(_gE9xk2kYX$dAE?ZA|cxW*-YFNcqVAOX~;6R?WprSW{ zMfNSs&aliOl0@U(T-BQdU~Fg?)2*m!oAkiwOJl>_JTdn{T7^_3+dpm|4KWlXI{o|b z4q0z6NnDe{S*wlV331P)QE^Hj8n1xpT{ql`e~#B&P}Nb-mu&*mdbeNT_?(v|>s~Uh zV1z!dWr) zeb|77$9CS-AM$WjWACe^qg2z0rGB#EqI%Gm`UK!0Xfe{ErU%gzG1ixlLA|ByKa3jS zl!gMuRow7f6234cs64Z{hU{XbaXMHrgw%ik*-0L-ed>Jt&mZE@nB$1nGODlOu`+U3 z0b_{i!X_OoZg~?3bm^WC;H`|aRojCw=Eg%%>$;7Z=%- z(c&CZKncukJx|jtdRV2%lP{6emZ+0XYg&9yaZ5eJ9ubBl`Nyvs5i!(M)`+WL#EsG& zp88Mf;`aSiynT$$u-Sg`poxEOin&u{7;Q==OC^gRb1L+UJ0?a;BbE}&{_ULGCOVu@ zRQ_y*5u9Ird&_pyc%|7l6ccltkcJzPrt<1VP%5xP*0N3lE(Gu@z+1@hkMwT=z*g(W zTibNeZaL<7RW+BR2}D-=q6fc9#*9&>N?6`>wkeQ26_FFU2La zh&6%B7i@mT8-BMp=tOOlmqQe!kA#f4KDt#!RUaXd2NNg$3_#Ubz0b&FuzxBdJh8PQ zzULM;p8YqbE&Va(;zX(n(V$h$JLlV?T5fk6b1>(k*RP)ioPQfpcjh5STgjBExPw}} zjZ>o4wvn2$aYV29cw?P=+cgaLl%&y^m9g!t#S6f8=2mmcGX zWIdK2!iS~%Hwk@I-79XN9B~3EAu*Aij^kOLLp2_qpA=V_f%gyEn3p<93#5j{BL@34 z@j?IDB=Q6&@U5_zx~w(1U;{)kZlC6F%}9{h#a`MnXWRi&(xILgsNZE%0W~4~xXDA0 z*c5vmzzpagc_?R`dnNP0dj<9Vi(MlQ;Zzz#ie-|9spm~`G2)Tki73BH)~X8E`SkoB zg&5f9_NAfZm7O0lo@C`R)07w(=Ia;p2;$nmS9&&82&mY(ovUm1il;_&lPR^?e&Z-| zP+1-OC42L)=KKm~w}fF27xGa&1Y^*mb4C97L+O&T{qwdImi<2HOiK;m(|G(!n6?CB z+3AY;;kTfUP^XeAG_&tS;#V^f>qJi-ncV5CX8&Y_u~YD{0Ru3nUP!88OKRTTgQds+ zb~FVcBSc=&E};cLcft^H$n5_qJ%+ENK~OiVn#sBMiK@Dt{vnk+vZgWn_SB2Y8{&X#OGd0 z7sfQj5gro^CdAvx>h3)bD+vKm94p%2q9NGIaLzLp$2<6ZMx#!6eN_n91S6>Kd9pyz zN9+&4^WUW&MFXboshYmS3v>cOwvJ`(|MI*8I!uKObwmY%x=sjy>&gQ>761{#qk$x` z1DjtO_wTJY79_-sD|ep~Psf#RO}eQHNUAH@zv3+TTr<{(c2c&r0dhN5y1fK+j!c>;c0FWxsP`G9PDx_+mPZB?0kE9&ym{J2v$aUrNrq8|4s@Ewu4 zZbg#*jDQ1tWEm!zrvab7B#eU_p?pD48qd(BvyN*U`(P*RBpMfrREKqO{cS=>uDFH} zsU#jxY(^kV<9Y1+cOzzoNQ}vz^ljUETSDeR9YBYA9NFvYtN4LfBO9b5cxb<5vlrV4 z>vI~eH@nz)`KO16688Wz)Cj@9oFti~lw^z_HaFunLb|%Ffrzd#T|Xsh5l12Lnj=Qb z$JeRWs-;_MeP}=S_an^zywkh|YqU;F)c{fDgfpZJh@Cby_s0rR#3h;`oKxZ5CB!a2 z0N+#qen}HCA+#!}IzP=b&Kf)|*8VmThk3Z4v2Tm2$hBk93NLcw@>4aJ_-#G^MTLRT z@KmvrC~0>RBAqs~meA7|f+}p4vI%KE!ezRed@jd$!2UVFo_fJx(Z4vnB^MIH9#1zr zTm7;~tMV<87s12i*=1G2p=DI)jR#^0f{<}-$Na0L{MyL_RN<$B@rQHh z&B{%^eTxKSq;JM#Fb4PC(um-XE)UMmLvO0arphI$znsVN28H^VQfn&RjG8j&RLRb| z-Oia)>o+C-i@w-ESM_LT{2Qi~A*O}a)0BU4*1cB-&f-gNCTtF1nnCZcLH+*Qm! z%7x;fW@s555$lo4;+5NV8ooufM&&+c*U_e5U6Nu62)?G3R`4>!w2l;#w8`TlW7e3K z<;ZlULlyMRN(TLe=qw+w$$tl_Y>3W<5T$B;zhOe=M#SJf@|5%fc}c8X?kH3A1qFKzRup-G@x!X-}1zY|ad2W6)qr=E>bX zJ?3C(PH=({vm7<4)y-JNOu%<6G*~J`B9yO$=dMRB^;CoL;-HeOBKezBERswTjp- zjBf;N+@-5$5wSdVG6VTj>1u?9ZvRlYTDQYuBf*?W40QJ*T4Pg*vBiIY^GOYUOJ6D8 z)wqOv>&WEHiw}~v*_Ch6eQ^tl++)|B&tcL7o!sYisOZJjZXmlmeBV#*lwvR_@N!IJ z#v2C}VhPd_(AI8SO4w@Pm_y9hKe5c-v3m1*e@ zuLg()0~gR=hy$r|XzU#~W+`oPSW)(93IFXmDOPI0lV%e-aR`SoXisSZYbvH^OE-0D zIu7GB>iG~&txAuwXi2KE`VlC{R`GSJR{J={)jTPR;$mO3YtzhM;f8oRf^%N<0ZM@Z zHFX;xC}>+D-m~(;)s`+Xkcn^=K{#Byi9R7@kcfXjM9 zO6OSp>SRC?;jzhx2>`tPRtjr#pBhW@)rbJwE82tf=S_=uhhz!IB-or(#Z1?%4iOjH z9l}&0k;U-5((VldhD@b8%Haq=j=1;MhI$T>E4);l6M}eEJGIcHO&$i`R6yYP5aNwn z*q|N+n_kMXtzy>M=;TM~(F>Tu6@#c;+xdD2YVYemkqG;zE#p4A$vM#+RL6@`MUJE_ z5eND^^#PT_Tgg5#=|E3+t1Z$bvvs^)b+c9uEe0lcV<>gW|CWcXY%L{>uxyz^s^SDn zT3?zUiAtUlkrhx`#t)WV73NIte}7hHic90aU0b+?8c)JSs>%-D{p4TJaOt@n7g4AsqhFKoPH$~DcjCK4yV_N zLQIX$z%lhf^O;m@ig=YSiINEcY6pu(+87u;R+bcPc9TX=rZ5Q%;qH z>qNlc^_ZD|^D@Mlx{*VDvyxYM9qd(c(Ph4*;VsA$tMxalnWybGsm132CCck5nUcKy zr1);WG4BUX1YNPrMg~@x&Gaq()2u_^oM2(4H+B;XUyqGvO*Yui?&yCH3Ei$R4#1caQ*(F)v=sl11oA$0Ujuqk%iZ$a~r0(8LN5K<1YMdfbc zrS*!vuQ-E$ayosK&myc7zffn?6RPOC0+p%2`DtYIw>8J`Q&j4&y^JHm5;twql3M#2 z53eydFZOa7*53i`QCN|SNK3&zZY<%;jNGs4i$GN3L7M3UD7?1u@E5&*?eGiX~WK8 zB26PguyjJav#8>iDq2Kakg4%AJ^qP9yAr8Ff2S}+q`jQboOLP}Ek4tTD;vXrgIq$( zC@v+nUz^CR(#t)Uq2k7j`7#tc1v{^1YpuqJ0tH9HjN3jD<+Cj|9n;#cc@sH^ z>G;H2yACkcr0I_ox$C}KhY;Jz%JVUkVVPD1nJ`QOimU0@L5(Fb(@(K!ZbZtI|FWp( zT}eYT?ny5dt-4`X>2n*Rsi7VFf^Yrj?m?(Ob>@-=VWZ22%?XLM!P#O;)~F`-lB)(d zI$w@rZt>Jc-SSb2+V9C!qW>^gNaRUK+CNC#I6i};K-uJ-AuEA3WRaaN^TCb8TZtQF zvCoqOKs|(?TA53%5U8V|uSu&ATYA&AX#Fst@+qU}rzah_RJvxpoR=kcF@&U+P9~X` zpBN<&5SiyjvQ322C|si+(TzZy6Y~OO^Y1&PALqI#dm>}iw|6tVyk?$YWbQuDK~5-U z*oXZH&!~ixL&LhH7|+iME#sU6P-JxOyY_f!u)ro&E!lhpB>7TwFXBfy0p9D8 zk(#G_p=VRgm3*K^i#qy;EO99Tg_4@KMFg_`JDEcxLE)q)^jrJO}P^@`~Lmlo&|h2)$nh`Y}IUG zJBp?45rw5Zv~G9l;Jd&T0defj#s9F0YI${KZ@`DyWvr>nw1?5 zx!+{sad8hGs3+|a3C`c5pO6oQ zI1YgNBXus3r#J*PNy|vp?5NS_&_rh&nc@|)2A4`~D_$&|+};vH)qAfd)*_#KV18c zOhQ>6=GEP2LQ0@ZkXCjBGZAy2nqMZiu|+8D{Sbf<1@>(p&zT|BO>&Em^ed8@bSz4z zV}6ys@cniFv~6;8a)}sa8pR!*0#WtDxF<`F94JZuf*$Cm=od&m**j21^X1M9RjrR~ z_~e3iGX|jWx!4$k*m&b28V zzD|NZkU1Nm$V()vL$PONn>>2BRUv@cFPJB3k;E5w7#Iw7y+a9A9M7&RcA?BU7j5rN zqGl(}lXj7?hN~-v#=RsAlyAno9vgb_1Kpt4K=JNPA%doLPxetzTwh9OoJzc^E^V1; zNA!@c=)fH%nzBHU6}kI!@Q@R!v4DZudgTt)DN|4FS$j*b%Y?9o3t1-SB-LMXio#Pg zrp#*4Z0%PA+%ftK0p>MRCERj8x~deX>EyncH}GaFDTSQ?iFFaT=%H7) zF<=%no91(F3W>YfnYuIGy{|k(%2%9?;#Ng%burd0iM1nA&1U?=MY3yL%Si!1>PRW0~>tf6>|Y3r4*| z<*&MNi5G)My)$F76*PGWd0|a-j88$1ne7l3QB}b|W_G~z z_w314&foKF9`Kf$okKCPvF~#VFt=#}Ylv=DqX1NKtDj$!#b29DBQ4D6nCcZj)&DDP zpgR&wpEcCBZO+AIa|M}dBIv)YwcH&Iwe)`Bl!`79*C!}xmwJSX&xT==bTxn8=`Kc{_>}u)678mSn&S_Qa%3u20-Lnl@g;t{TyS0~G0vq#(I*f4 zT%xo;SsXM`2em+8KIu;YXPz5Yaf~T-sR@ip<-1z^e48FsCKET`6>V1IeF#gYjAiTR*yF z#G`k~WQAQ%Z9y^8h#h?A^_5iw|3CEAW?JkGr2Y zhVkB2({iT>+ANy>6w{p^;38&%IIHIu;k}V0B%%co&R(^*;&}KdTlQvCK<^om&NFIRC316+>K^l%^=&V zX}YfhAO*=bO_jDL_!iAkH9HArr!kO#43>XLLe+=m|4%9B{m)kWH}G2rYE!f*iq;;j z+FNak)`;0?Nw}?AEkcaiTT#@C-b(Ggi^LXU+_s24YZEm>$Tz+}J+J4-=lKK9bAEE8xQ4nT{dzNKf~n(6S#QW%=6nI&zwg4? z8eJl12Yna8mW9){i}+BtN2laf)kSf_)(ux9i|6Hv$AQqo;@SJo|3r$;eW*9(Xxnu0 z=2RlQR)S}?c32iy9P)HscuUnj&wID0upV_^a+dFoE(~os{9!zDV&AL;uEdUzYS6U# z@o4srYeY^@>O{kgjVk-Nn39Q2yBG>>lxbryzeMwM-#OEz+(a5ZL258cpu-ZYne*S7 z{o)ZleIoIt)desh(A9tME#y6cEbHw6RB}W*SCXT3FtaFNrQi@mFYY|aMr*z?@Q1Pf z9|x0!HA?A6F5)HpXeHAC73^9DwGqFwTkMV4+6Gn z6~eNT!$TP}4+u=0_x{yaVUVqaGYMs7P4Jlsx%!4Y@Rc-bx7^O$X52Lhu+FLf@fD@9 z{ff?#M1V%_<8yj1vx4zAVfRL#DR%I3Hk<>$4|k`nNPiW*)=j23IpKP-e+xM3zm_UM zCuLN{a{FblN{wxRDpm5%De3*P79?)@jJIWkT*~Kr8Itl^rD`PwxVyDQw|Uru+0zlw zM#i$ce=Nc`$$Zb|_qu`$hDYTl*nvD&nS*nZB-L$qFNFAQyV9v!ICM6n0me{_67D?; zDw=9+CUDQ&vc^~{C8{8fkqx*?Q3tcXpLXz(Papmh0O{%*nx0Uz?zcU9sp&!p!d?|~ zPm92BrJREK-k(W6V2j{)v%rpif%z1dvgJbqk7>RL z*OB1y&x|sDc_*ftv7M_7G}K}f^RA85{ovceDFX$+kS#7|Nd=6gaNQVf+2qDsMuYrT z*~ZnWx$G!9?yQe_*q#oCK#!S_MHO{3;JWJ7+7Axc!G@k4x-QHUQZ@+^%S}j`vY@Yb z)=u&xOGmM4R_6#fr!{zT8r!ewjks@j56^jlSbmhDA<@{b5t@Wzazf0Cok>`vmJ~_# z_!Kow>VqtdeK}#u$C%mpinmk*Asp)PYnD>pT#-Fh?AraA$}`*FW;WWxW|Px1_u`+2 z3x(x5`TWT#G$HVt;_0iU<^%o|DK6)o@ut2vO?A{@q&s1r)N5C5CsGifZ`?5x>E&Pc)LqdGJ(7+aJ4`}HmjzEG~P#Q?0N zU?|N=QsvA@V3#gkU7BLCv`>m_rk>-Q_xkf|zw#W0TjL_r|Pu#rP~^R2-9N5JM%qk)&*M`3Fqle^Wb ze*1=6U>bDQBx@td2r9FscG%p<&*az6t;Hj4i{;$ztBTiJ-CBxUtfh=Q7-^_Z(lUV2 zHq?3s?N2ifGCyWLb%-&1@R+iK`Ss&h>4RVEbs&qx<)r;ZHYGcMZP={^# z5s<4B`7% zw_zv01>ZD6zIWK9uXE%M2R*tZyCyZ~9CUAG{Qb!==ln8(1zZ&@joGPT-5$7z6cz)h zbtd*@)u>-=vn)(!-}HqWtnd(!#54))j@Yc7VyzJW+B?MW74q@hr7Ah@2cvm*+st7VCyYbs!5iF}dfmr1M<* zuEm#E9WD#UDe3Y#*QQrv&)?8MGHaM{q+Df(JN|h^Z1;0Yi%RDNTiWB45I6Ml8^0ep3r7ikHsR`J3k7;;1S1#45 zpfK+9Tv^&m1c6QLduh$kLRC^|-(}XsW{b?&+ndnmh&N~1^LWSd5K{3|m=vS*z-w(GE3>kz!t*8KO1VTez1Ic4K z**0MF2nC1=*VY-=q)4FJVL(D96*&t54Xs<{;rP`5JIsOK7H{*I7VH^6_S8_O0b7&L zk?I5Za>xPR?($1wLp>`lwKF;M{e@TOiFieiD}E%`HEq93nv?06LJA?qKyxs2=x7K%8l!MC7wHR?}ysS9Zkt;86-)vu!ARZS$ z_Iro(EJ-nI`))4pIXzZ^yK*32!6;Igs_88_fS2=1z-&MTw|-mnNlAzG>cQ%%Ed}R#c9!_+YjtBOe(!jmrIEU(E|ncAY_{=HAIh7MRt_~ytM1!c7+WRqir z>-MLIiF_~rd;s+vqWoJ86vge+M$cn)2$t^xTtB1#}uS zBU!_FhPyr2iDcIj`wBPB+7sv#D_ah2N;-ol8J;=ZS}(KnIoq_X6=G*&#@fXcway^G zdk5m0N8PI%Z|PE#P?gW#;PHvAt(zlv_Qxy!I#S;Y!)t9F3J<6;ra5%$D=5US>6a?- z5O?D8p!5-EUkml}O=fj1me)|Laf@fpYtdMp*`(ckwjO=h{qfjsG2KM}?tb~C*11@$ zif_8jbbg=zn*hzD-z;g$@J&roZ=#HJLPAGbk{}rz`F!cqZHb=7`!|6PlS0?aGgS&#t>o3 zPa&^_=9VMYY{R-t@)MEVp~R)+jW7lgcvTiSG(ZNIIC^(WkE^DHhVL;gsKfG}I)^*| z(txfj73I11Q_tY+QRGwBqyi?Ao-Hp8Ry(_f%re+#6KW*^)0vt`7F;*B}1SA7`{ z_;J9H)fkvKgsJM=An4Qe%Q^3TP#)Nq2C@gy_FS}-z8xl8B1b@OAz0|wT=y^BuKw0L zGv5OLS3zdClBzW2f6B{N^;-)y?j5?m)3oLG`2l?9@4J6mwk`>^o0f*rvJ84cLB((C za^Jpo%y-4@I|wa8;G9*-2S2u07$BK^n5Ke7bAN-Sm;^y8VhQXQRW63z=U$C1j4SUIM8aSV^5q}WPYZ|2n%C!GhcbMS*_+XDRGILP2 ziB$RU96%Uy`l9yNO5#{YqCBUtj&ga`C6NXuA0 z#&$5b%r$|$MBDw}H`)`7X zEYe`r`khV2i}sP8^+C*HtN-I0lbbsuR~tx_Te)=DbEo#uKdXL=FRS^84|R6Jo7;GL z_E&!V`mo|gJubjM2|U_1mEt{Hw61JkiCaXUh?rR!6`#wmGg}y;W%3A+bmuZ$9f%|{ zW)RGk`!?{~ka-K{XW0VSOA6{dc`15ytP{{fm5&rdadEj_i_Kt$gB+R^uR11X6j#>Z z15;hNjN%KMGtaLaE)eBR4$9lrLZUR~3w4`({>P<|v_CI>{8x7%QobDx=N;H12_z>) z&q!LTusJp`@!7@I5VlL^&jJ^bJH1V6UVBl$dy>h?zx>}2-WgNd;2z$+V6Qs&-%&b~ zZ+Xdl$`lWnWsyurv(%@fF;@+i&2X!|3Cjz@JQ%Q48V{(uv=>^itIer+mP+PY+lIhT zTN=)RKWRek8lhFa9|GL!nRXg1DBk~2yu^|EZ`4u)evUA=n2rGV>qcX?u2!p--p~}U zlSF}l9t%1d#%=CvAg@cDR@Qg^PGLkz37dUvZ12M zhLe`uz2%L5Z@qxHnCRWLO>(}C_18&|%hNrPvsGI3YEOw%({ucEI??_|!$}NX&4Abgh#30XP2O;- z*=nvPKe6)H1gR))A%a{j9siEqVZT~yw!AU-`j{x(y5O*?J8>v|img!iyTx_xm{SPt z6{`=t{4vRP5+9%dZgeFq6VO-OC!<1vRpAsEwU`k1T!VR6HuzOyYHG5(kfKNi4Od34 z+54vQ3;W6&?x|PwsuxIrCd_k%z*?OO10IjT+ODli`D=jHS7gr5p#@AhXv3lnVu!D# z68!`<{o$u1OG9TGkwn7oT>S8GcHN{!%-p8tGryZesAxk(Rc%@^6QgEV{DR`QqC;%J zGyD3sDUXVH^VWIKNp^=9(|gq;eC3T9&S(5X;Ztt=fc_VlZCXqFmLPnOXY?+MqV*ux zO!2X25waE7=9hMm(YJS(O9I453Fkk9s>#cW8GPV+J-k35dW|a(q zZaU2^Gx{;ky{y=IX{iS`O^NH5z7hIXEtrZg3Mq_dzYFAdcO2R9^A+RL7Gric7(I%v z2|Xgpj;YeXT+q^lhH+=nda3@FU1y6O zpEktoJ&suTXf zW*XF#FJ8M8tQtR!kF0P<;Y$VBgo{;ZTa2f07dgtat|z@c4d_z54bf8sIGA%r>r&M@ zU|xBxgf+zm%9^F&8okw0lcsca^HCGj-q967*CPbUGDqJBV3AhWiVLIGLMR4T`O@?sF`nk%cX=Mu2-iQez|hmuth;PEbv> z^Qk3FOloH6pt4$(!pkYX002JpE>*^|T}C1im#uDBtM=iaF=cbXt^ltY>C^qgy)+Zg z&xXz4sfLT&2K}@xvW3OnxH>DJn~dO|Wu__IjMgH#W*$w{nTW|kD+7L6WJI(%WnC_K zkFV@xr&lfA3TF7zis;UB2`=*x-a(Zl5FhFIXBWUyK78lN%AOdiO??vwFl7!5RYhgH z8xo7xNk@q8}q0nX|?Awg2C63^eSE4wk;5DeAh{ zZ#CenJ2+kfOG3kx(fDD$7v}q$!@tH?()8W87yk_lP@GIyzpQG;pcp=3@Mk^z0)gk2 z*O`_r!9tV33>_RoAft0(4-j+0`c;@eeN(!rjOJ1f|D&_KO~;kjNzLtJ-FD%FWxVtd z`v9+Cuswy^w8K|++rD&$<*kKcaKucsb#0A0K@Dy`T_z=4{O27?7?lO_SmKobynn=% zvYFr2Hh60bM=;+ZDkG<%|9)*PY?D+M{~h!;h325eRBY*$&`_%I((5E#`{&zsr4~+M zlfuN@O-0PzpUEY__iR6k9Rk{%DUu;vQ{2C5AjNQ zBM{J5b$~RNhlBO*Gu?0S<@SEOE+DunL7sa(E+XA;w$Bc5GX;?md@Oz->-9sDtrn9I zAk;8-c<`4J5>~V*n?(pv0l`De$y`uk!#7YOe#qT$HQL(<{SQLfCp$`-%p71*-YE63 z@{A9|Bl1F&gNegMs$aB3TwH1|834%-myU=U#6%BfS*F~i_MrP!7a@tk<_+iP=km9> z`8XZd#Y7H|zUa$4_N0!gwAE192MzH3-vzffwO9Yckn7ivpDZaCE2N}hi5d&X{Dd* z-s)NAUe;hKpxCzF3E@2HG+Dh(qD5VFK&qc&Dl^YH8L6ZIM1seM2Ll5`l9m!z0RsaEec55K-@fiStDz3hb!~4pIjem2O|9O6`y2&%(^Zotv^|SW< ziBhd{J^sWs+}4DgU}aeHlR~{pAO!UBv7_iu+WetUKmBp}394H8(3UmyE?Rys#u$^>2!hr*E0WqRvTA=y!}q*|LU=FWbGm^OppQd8sNeMMZvjw*qgUa zU+*$uiOogehG7^;pZvgj)&x}Y7WlFN5NJpuI+)3+yc}7> zdZGL4pM$CI$yHqRQoERWGKF5i_b02e-VssCuw9CCNr=C5*AGkIB-Wgq;C=i!D}bvE zlj&o`;vC2Hd_Pda!RXNa&K!o-pijXxfI3@PTv%m@l!rd2$e$08#AnoSS4|d}(Jd1| zKHcCl(c-4$CIjiW1Z%RT7`o3pk&x_9mji(@>~6x?x z=(FX(BF0gefAT;=XjsQ~z+mFzX$4_6M|7acLG0lN@t4e35k; zu$74BL?`eDsxeJQ=i*zCQ22D*Ab#YS!)1$&OwuM#AVOKO$ETJi_zp>w>yXNEXtLBsS#?IDo`vW!j*cF`)a<;vZ+Ql@Ab%w{kZLa;D%2Wdwoe z`M+ucG}6iflBP@xUzEW!UTg?&=oJOi**MZV$_eQG83$U5LhbCIY_aoYT4+0)?6CCb z6!i~BB)ML+XPZEc-;{!3X-E%hJy>iGVR@iVi!%5CRRV4l?cHP`vooIDqU|G~^&*)4 z9I)8FscF$F3ORDi9YgC~^VO6EWA87^JENRIH0{WRk81@G= z{_aTJ6r;$%K2TW7;mUCN`@{;>9@W%H>i{5T2a0OTxXB*}Zaj$7oVHemLI|HTA${A2 z+#R4#%NN9QurI6)>d_GY{)z);JJ%TR+B$Xj2Au>Yp0=fz#+jN>KD5pDft_sOn{5e3 ztCE)exJVmZGvxjYf-~(;{*&t4?BElxjjBq2tSXZvntt$`jY&~HyzU&KEk=36GtOSI zBc%fZGdWM)TmyL%)pl#vjvwCYBaQG-1l#(ux<+}}3dAb*td(T_ehilQcXz`>*ZcU; z0d~mXXiZZ04c6rFP_dJ=-4A-H+q(K$-HyHKRY1}kN07EsBo-7zDH;Wx<*{VnLUdZr z)3vmO_&e9QRyzu|KFDkd!Y#`SHtpx^n<@Dd6c+k4r#oS^#^#Pim2zl)K*o2s0lqg) zaK^~kzTa0;_2R`2PwR=_&xFS|X1D|2q>q(mR5VmNv+&vAGlZ>UnQPzZIw7}sb%}&B zuC=**!M>WKKcD{FX*tzM7FF0W&qq6HVL@20wHN)SL56G~7}K9Vr>q@Z#aWk5SKHf0 zHhk`QkFN1lPZkH@fP4~0692(>Y+;A#AEn(Hy+_YWH+FBf#EMCMGV93{-h#>K^ofdKL)bBzrE~_ zOQU)OTV`&lweS*6_-m-XVx=0+1Au zCd97el3Qz-`#i+wME9?Lbnh!VkQa=A8ef?x=W|N`@pGi=T=qvZSR7QiynCEicomwS zW5@P1t+9AsnCXSH%YpYLJxxxgci?ZTPeJHhQ||s{#tPbXcA4`ZG!ti7erbAIOvQ#+ z9ekSbY)*{zt9G#!&NdEMWUzLU6~6d6q2<0!aRyKrEP|YMJW>3NOb7wBcHjg8VGfO^ zo@G7CfHVwx5)M}~-9#T4)1%yjE;8P1g$uBYhJONrzV8r+68Q8vB>PjG@vq>mj6fg3 zxt`WNESrK__a}4=#ubk7;&tA74Gu+E9?T9OzmmjL7@b!-V4}`p6*bLtk;^br3ILcGjC_@ zdrB(Ght!qxKtJL#n-n< zOh-#wlQLa@hnXz7wY3Ogd?;Q1nKU?xV<8*tKI}V`I&IH1;H;KBhD#yS^G|2Hrf)CzXDjDh$V?U5ws<5k`e^%aC=Kf6R zw1C035ejREAX94pB=q~-`V0JvGsD)Gzc^P0mke^18zD`X`n_$p`MuPZOd{b1GnB}RC}TtGkm+^%{V-Z? zC&ngKynzoJye`GXKGyO4`_;SwvHRA2D=0Ixp0w*ft*%EdKO@HSKap?abwx{UM*9Wg zwtLvzrNxy-ZG2wZw|07Q{JWEiaIUS^jqb*DgO0RM4LyC~+YT9oM`v@Tv^p@_74*dq zs-0WA?9s@~Z3jv)aB6SPhCG@DJ$l+^EK3}!`&j{0UpEI79dNu_Xr9B<@ocpq5>Kk~bbPeT=1I*hOwF69QsRLu+)XU4Q#-yjwn&Sq{O3#v3R8I`ol zp{xV{=ws*js3z9Gp~5en4ZJ1eB($8s)bv{KX>qe6D%ge)R9|?K9^!$_#sjNjI43WY-#Zpda1}(FT+q zu}u%MBTJ9Dk=s1T40Z)9ujsH8*w9bj$bv} zETYxQ;5YAHcmDZiLX5AA1VrX;%Ia1y=-zp(@|9&Zyzt`}Dj`I9luZE6V2kGF{{mQ-B3^?o zF?{@kqEu(Wn@6A=vIP8R@Lc_#@#mf9Y?Ck^7c`3SnA1H6$v(sCgHKGPuh>1+Gp-I` z^}qGwXKlpfexwilYfo4udO8}pCR(rj$AXP zGrXIF29X{?O4MpDwc|xJbD~NM{M4PSBqsRtcDVj-^S0XhrT}p^T+X$t&b9a!#2xdG zsEvG|K>f#5=!P%;fGp-xdvdQqx@zf=Vz6eN}4j*DtR}()D}Uf1;xxF^EW=x#T?Uv%AEV_Z9^^ zDRth{m|gNhdxMTSy(f)l;vk>oKW$uMvLela`+FA`#~IGs5GN0LeYYL<5*6>M5neGg zx{)w1SUUrerpqrqmscklKX^J>GvF`D&p!A3$-e(ajCXEy_J5QcUvq_zM$YYA|l5a2{da%ZxW=Y!M(>IWm`6LT&_QOd-pSQ5(+ajSD`pG7#-KvIAxV6+c6m z3Mp$lh~l{Xq!II_StbU}K*{P*pm6TN?whO~5|j4DW@iAgpXM%5d`aPRcRwK5~9 zA-SP(B=6dPR$4AQe8pU3L zz(lP+1wZ=m7vHEwqw`~wooQ2a5uv#2y{ig6IG&rC(pCTsp)%C4D{$(kK=^LGBx7eW z)U64H1~YJHR=2T)H>ZU2NI0}0^_v?Zwho`k_eLus8I7xVf|LbsOR1bD@YGY}o*NmC zl6jlnB;V2}e)Kf%y`AJ%SdzEH&jH`RJe7Xrh%K*S#;4Em*TPd2h)kfch49Vrjdo*$ zB~o-`A~DNr{}9sD#<&gD3AM0_e^!8@-HAv_o|orzk6P+mAIcONBZ9OGz7Zdf%Sjgd z(B1P|Jf5euuH7C#ZNkAJox@p9q#dmAi9^5epAwBB`gkLEY^lvZP^HWm^ zPKv6#>|>q=R7KtM5Xw&Zg_OHOy)O;b+l`O|h5yi_6j{OSxl0ucqxrb7Ki8#jJ!_Hqa0dA?C79`BIdLP6THWiP_)__G0_P9spSfI^>3}zKTG?PVWO3o$f zci-mL2i_x6L8#(Y$6sqge1+Vh4XDi?H7Fd5Vy0DZ*b0>V{;1$mhwDdwaq$hRLGxz_ zgmE1IiN9{hHQh7JA3^$$*=7O1cc<+Wn|%PDG3LGr+@p;Grky$8Kj=hOc8MVyX8VK) zs{ZcP9?j!qs7Mr08dz<*69qbK%{(f*Uore6{u|H)qiC>n=s(aP#(pIgZ$URbw*0Vj zh^x_=m1f2^h97xM5NEI|3A(s|8fB6`O5rD=SM-hW1SlFTzUa2Tg?|>fc7}E+4yY`) zEScP#aEk7K%JiNtSU|Fmmo&MjtK@&@&GA`T z+1R^w_{6Lfa)x_+EKxtqivhfv8NaWLwN41(7v8V2s=m4YaxKR~(Zg#rF|K>u4fk*( ztoq}w0tdEp6-#sA@PYA*k&32^3mLCLqsU+cxpN7IEr_8<^*np=ou6irPat!am z7UX@|Pu}TAUQz`>9E;vd&}u*|K80(vgDPc;yoxCw6oJ?ee&>~QlkJ`$wbXJyAq$^n z&CqK4HugZ=xA)GANTM2+KB&1j@=@LzYdEe_UqDu&KI-He^?QJ{(v8UZ}SlgR$ zPUEsrLe|sr7V6f^MGCyx|G}J}Hz=(I#$Woi&)yDz@BVT z{|WZ-UaCL2sAT6&{{vD44gW?l43hD@9O^`%lzCULYsAA4it&dK#9ae9n!X^)8ne%& z;WbqMqzi{C07a7p7avym!4>=V5IH{-B)6&sz(d#$Arc zzjr-<1mB31h$U6QA&kulzDkZ%Blo+vj`=g@5C&siKOgLK*y_j2+mwg%9S4tF7Q_q7drsMlwleFrVgXj^$z8QiSwl z?sk2=cA=^^Ov;5;n)p5gl`nGpwtuQqtSvyvGN6mc==-Mr7_EZ?N(Al=1dq zMh<$A$o>!149o8L2*~=Pea}KW6W0e0WCmtcyrEU4OvalR?8`pK2p*+M(j6FKIHmIj z%&CJ>ML0Wo_5ENa&53;0vNq{79sHi(-29%mv=r%IbEo;_$~Gf*n;Mz)b3)4R0m@Bb zVqV%agg5O2^F~{jA3;OkhS}r?h&C+X^4?JuV}AvCdZSZ~Zw9{S`$R%}D-`ZLL93np z8D^0-%gpM?<;_qQCk1(i{d9XJJ^T9x7p753wk+R`3Ceo?a*ha(9q|i5+y$1`nGJTApWwlOGT6 z8EnSvgj*RgUqRRuPaM9Me-+2$Nm|GfRl4D$c^B|Jam>SvBNYcLVuiNE)CT;S5Zcll zBzr#j75`_>G=Wz&ul#18hA=Gki0IoH3jbX+O?ErggA`cj;qJtmhm@^W(E&)b=)N;gKCjZXF<+V8Uzbmn|0r1Q}rTeEe$uX}s4@aH%w~ z#}*Xu{tFLJ?=H9Hy#w5Zx#(8)$A+r~`yv~JNJsx?Y0 zf|`>5Y07XYOgOs*XeG?0p?{1(=jTaqdMF7>JUC7cqL#$zNuIJtE@7ZaU!qQB`*d30 z6he7K93IepbG?%uvL7~X*NZXc(#7mUXN%pTT|&$BpmxHyJL##`5ULR2XB4awmIoNDC`mNj!em*@RBY{}S+{v^0@o^^3p6g5)Br@&2 zx=xpuT{XcR1*~7HptN&F8+8C)-d#oL+sogi>YF7P!hbc5P^0kHZeE;%+@73aOEnkw z>t|}#J`YWgyQ!DzX2s=fbh@^ZEK7*gN%hwT#Jdf&NY~W0?Y;KoD7ypc*IjA(spCd| ze^pyc?&LwSK0d&8`kmp!RC#bo)T!6&W)Bk5%EjE;c)a&<>j>A)6Qb^ ziOWwsE4{dXOPX`;f2|ed-&*bz=I^SDZ{AQ}G*g~Qiv203D*F6%c(cdK{>XKn>tb*! z))Zf9CU5HIc7E|sinCwoI4|1| zhOK#HCqtvVkp1TCsZO0psXMJ1saaNEtb3CWtDPK*IJ^0r!k>>;g@Sz!vV0$$epXfe z<`Z2%!39h(D68PY+*p{q^&Q-1BFD}rQC5A9*HypHCs7ZwPYsZd6BzvZM8H`KMciAoHBLfN#h<$n{Jq1|yzzKR7CToY=ThWEou*oZsO?i$sJ( zPSW5s$+U8MbmzizoB6jHy@7aK5@mEC&wz{sSwksNUu#tKm}_+7gjvf|8JX-)B;sr$ z*Rg{k0gDsjWQdp&UCuiN^@zg#^ihMblj^Tpzn<*Hu1G!gakt!I^-KvOvTm|=`uLo_PM`YY z;{5=GhAn*E62KD;fnnFV3C6QbwT%JCv$^p#qLT0gI7DBav`r*MPb} zzTaqJwb!pE=mr?9mWyUzpjOP)>NgX60mzyVZL^JEaYo9)O-sGrj8B(rp}BPU$USEX zy0F7}P=j_pIBFppf{qqMQU)e4m<51(XM!vBq51L#(qoGQk^u$fK@Pl4?l7X?bz-Oq zIxzivW?wXeDX_sfyoK6<7p9*LDU5V@%rPd{pR|WI+H^PwA-_FKLCRs~Swm2o!T6`+ zzg^J;mLY!_%@xybH)3qtE;&6~rs053;+?fg*6XiXwn6o>AFnbQ65=@zBw}6w0y;!!oGn z@j!msSPe;18Da>9l5<&M3S8+pK3&bXk&WVp6e81~?zra2MQPT=R zl=DjP1e{Z}M(|S?#NzBJA*)EKoUvi%!2PcBDZ*6%TrD#N%NPI;c0`F?D3VjM1^P0? z=$|)dXqN3C5Wbe1z(rmaMr8hMHJO-Uo8rmRzD=Ka)tmCW?>(zrrA|DIS8)L&!R6^* zeVxZE@!bT)vRAEY1!UcI^JOkv{xEuD`oO7bP$`vMU&CIdg3{TtCn1!e;F$@OOsTM& z97GEHt;4J(LgUrGmgg&#Potw3>3g66oe9KjVm35NTC>J z+X2Jiawb6;OIbihT7xE(NH_dCHbmo!p3JFM!O^Hs&f9KPcXur^gMIRi)1o5_9sR-T zCO4*n98eGhjTu+}3)Y0L6hWF=(Bd(plC>Q*NKuLKH1r^q!Nms=D?`~zFlLBjA9W~4 zpk%`;w)BlJn|*|$fghql5-djc4=zbFpJAYkqJqm0*qeGcXor6sP;`9W`k(G9aZ_E{H55t@p2D1r5mw zn#7l&8f{YWC9QZ$6p9Azug66$$DyTknn}`H$Ywf$e0ov({VwPe*c*6j@!Jom5cmYu z$qEgW2@HY{aBXPggaRtcj&J1roM8s%f_UyQA@#}D8IsoV2Iu%JsRl)cgtw+c7Uu+k z*+J-*oL0*+S64Btg0}V-RDu@QFWBsU*dXXRvhyAmLEhG2{^skSp$zu=P;t$TKUblT zm$7rl2Fy2SS`#0u1<@QRTmSOVp`hH$4ly=PuBw(dUdNHu4&Lw~aW@b;J-Ta7xlmLI z1yH}3?ndURUXP;&*_a0*i0pJ0&^law=XplohSjQqRpWLu^&=jSU(Bxi1@*N5ZWdG& zY>wGO33qOa^kTJ23d#K(zB?%lGKTWw9csRf=#C9^RD&AN7cMWnuiCIEb~VL4mrJhn zDcR;`gJdk z1apcpTp(V(o-ZxAJ{>^~&AOzLj>8fECQ>%I_an!8aa)p(JYB^#=h_aQDx7%>%P0r3 zyGtoVT09)msaPdBI6}`8a*z=LXr+3SwROf9(GE`IB{OA2t$%zi;P9JSudN9!8{851 zlf-VFvUY1b30ABoKjW!KQ&Oc+YECY>GZq$mKQBPAAcEdh^p zx{b>`+qX#nD~i$l4|#_SH>o~jsPawb-8ULC5XG*spOtZPzo6cj`djQ|~k9 zh*`50dpL+=Jbi~W{G$;c!JSAVew??}Ss0CKVsq4|dAq56!2@8%1mD~lFWq#SQ18TT zcbOSx$lkJ@yCaPYsz;QL<|?#%62tNWLDDux+I)WhMk$S1efh!T%d2tlA7+Nkc0 z*5CnX_P^ogXZOVBkLEUZT3`#)2_BME5bGP5V)Y&)<>%!`$)n|rsMZg!h1PMjwvR*P zh!vASPvV4Gk>xftxHnrzRS95aUm~yf;|x=;9$2fpU;bRdk;-X+Jig`L4Ho)9+oZk6 z9eu2cWBMhxSY&m|OTm36-V(E7aex>1^bGh)&%dc#KlBK>a&1QB#V%9o(6;M(7^orj z@XW~_TUeDB`+c2uzQJF*l!=`3E?0#ai9UJX%B$foChh$w69h9xkbHfSfvI-hHC~9# z7>_(6mDz>YS?6=8E>*A?&KhKL$b!kB6D@EkI4B$J%;Nv4%@1H8a(|Q_m@PV-Cg(#c z2MFyt@WULRnG}s`W=*pA9w76${FIRBw#Ui{Yty|fQUq}l0tSm*Hblg677Qj%;UAqS^T6%UY$gCR6bk0#r#jgDP$?hi5(P2paUY6f`06Hv3Ej; zO$%?-;Kw=5ud3zP+WOFCk28q%(*2#-E4;ETXY_N+Tx%)suj9m~;|VSgKO-#Z9+=4L z4yi|w8?EiFP*gSK(INO}I$*E^p-aNSg|zt#LJom!V&yEds`Rrs&;}XWw2B zSqQ@QybcA{z}3Uo208CCJ)~VUiM7*BAgYD1kK9+=o)4^E7O^*tSorzGHbbiuf|SNO)rUm9!^?(^ta z%i~R~Rel_J(-G@oD#OPYvb2k8`aVjd7cW1cno<-T?^^v7xj7@1`8UXL$>?8o@^J22 z08UuRZjzM8$~CHf4W~)#`b3BfF1aWs*-*& z5F!)Tnnw^v+Tc!B=Y?ihlnQ9F5d3Gi60IMfr!bI*viByC(9tr_{3WNVIQ~ip8Bk^k zQw2*hn3orw%X2o2QO68Tcat_66-9sfPjAXDFV;SMt?AGS?ou$HDi!Ujqob$!*5Y}IGJ^>I%bpvZ(sxp2wq&Z?# z-MYLHrFO;iodh4HbwSXcqU^;QW@fm)k*_asW5wSoh#xHW;r6ot6#Qefkddh8Ze;Zu zu_AA|zT2N0A{Jp~)Z4)HaKP={B7ZOPL#yW^5gi)lU3U4$-oH@O13hBZSQxY#YN&~>`xay#Cdz16^PY7==svc!(#5=idr-%P5_&9>`FwtTqCee@g z1PXRnkshm2IkuLXe?i1u5jsICEM-m@-%@Lgho*|4{gBCJ(~8Uvm4hw`E8m|K9Ta~T z-upy?CCm7w7rNX#irexBl2XdnI-Ig%GHk>#DRa^+`-F(SscX3(BXqFw2fEh5I7YjX zvDm}C8I=_25AfZMXNI?tr(g9K$nmsVZ*rv{WCtVof1q@5{(!}q2xHAe}+v+8Gl|8*)-3A zhqX?G?|uFS{+n#0cRZWKy5gR864wt6xN7qOwhU|2vsf8TdpuR^&&xN@`PYNXMu=*; z^_!cBRljyUNd%nJ3v^cC`K5S49ZoZy=Bx(`0oSIt%1y6?qAKYHR_At46cdstX?3o` z=uz%@Jt3I{*XUU9yJFPWlPRM6mjVd+Au=ZR0OXpdV-GV6uHSCCz4Uug$_=MHZRSgc z1J}0^<)Em^OawGc-LSA=>R1##qRd|yp%Y0xU~6}Qv3_8>2-8+bRSnDppa7q6D_#}0 zCjK5V{b}ADBHcD933}d?D*f2T1>p6+eJ79tEtF(cygcdjV7K%f61b^Hts)aKi5}Fm zP193xH)HcRT_dxf^00x+HKFOB7OSiR=;p~qjE0*ZdzStkp^gzRmCNr3yI5t4~n^R()NQLD3>xw|a z8|2|WNU^&a2FOQbx^6K@Rfo%3^dLRb4l&ssH07X{-IBeO)e_=hn^fNR*WWZi}jB-@tx41<2swUI##8_9$8+4t(G0GsTI5<6hkNtqk&|>rvS0UxSTe|x zUcS*?d5{QRDoSh^dfDj?w|=lUP>%(PZCGMD&&PO5bnN)9c~xzK+$kB+KvgE zgKF}2pgrt<@Dc_gTiWrO{cCaNrept4;d+@H4oqnA&(>Oqr-33~#*6@Rl1|2qH z5|s!*dxJt-$@Y@*Z@Fh;gLhZr%&0b3Z`KkctTj=%H`SBtRhBgUY7()iW=AGSIciAme%e{o6aR;-Y%X$TT0+ z3PP%LNp07EO;1Xm_tnz>n3{V)~$d!;U!l%iNgun}IT-#GO4+*T20XxX21S$| ze-IdU#$rDFzA7Q-_Fq)-(hr@Pq+%SH335N&{?Q?FI!axKkMcmt@&}=E-ZHD#Uk4Ps zqnpT7)*~U8V2Jh{EVM~jj4IiU3k*F<;7>1t0M&>zU)85L_Ca*1df32$Z4R`>naIftXtFqxFm+zFt%CZ zz(GObb$XU7e?oglxYKr0HaSPBg|o@w$LocF+NpffWEt2-N~Bu|7TGEN@e(OLSlej~ zbFjbnl@Hthg!c82<5z#IcKqCMPN^u7h`E`0G5=yAjz|jh*{1zCIYp*n>+_^bY#Ux8 z%&85YGwloKHIxAIV;SDa14s@@u+6L4%=(C{ZC3Y%1vfe^Z+sRq183*v&jcbMFtV%K z7o=$o-4Wp3J^v@^EHW!ZrX&^<6uWIvGZZ$4&F#)`nE6(!Pb22#mL!y7UozLG#geAe zo`%yYP*3}A5E#0W@m;(8Z-fnYRqThzi-b<&8LXK~g%)@NoXh>3jT;gIiiY?Hc(-LU+)nu}SLe0te;uJ^ULNtM2Wri z-KqAoZyJRv8MHcNmnZ)LuEd^NP;ZXEjRlLqfe8$tspVWG6j`)_Zs7>`YU1xK;vbw- z=Q=ysrlbfK&W>BWN&Sv`Xdz0VQR!Gy-IX?L?d5+D*l5B0XfM8>!|aRkU!@9+fMgRBDaN8N_&3!vtrJott+dBq<3q#5=OB0Ayy=`q~2g%vHDn?H3hIytj+GCR4-ihoFowe)25Zk1vFF5J%| zLg_<=6L%9<%zyh_8F6{1Jj|DB;9&+c+om^{h^csBL_A2J62L2-I<9c2i14SpayRn& zeB7s0Fiz{eJBtU=n9CW8HSPxnoBTu~-#3b@+?-tpo{6_gG2a18D@3}Qd%X`m)B6$b z-}e^wANbljrqslQJ_D*u(t2YiO&ElDzyPx}wvlvO2V&1*>as-O-bCf_enmOdA8U>d z{FbOjKD@1Y%0BD#d@hL$es#r;meDM>c~M_b(L+k2V=hg%T_wiz(gMCJI|?xaD$Z04 zMvn2n0o`}>?ce9CN%l&#b87Dm7vrdUrc>W>twAEka1rWm#iW0%)W{BnVsA@Rs&3p) zteO_pHC5OiC6vEG84bVy zVw7yuz5h8X$_E!2NxEkeEH+Ss*&ljh=6Xw#1E_!g^r3q>c%8Gj_7^Px% zTGah{67F<;%)sopD}A0Kv!q8Nz2HZo`p@#EVg&fEa4uuI^mjE><9F@la8F{nqBQ|4 zPfu-5Nez8uf zHQvU3Ct+ytC+#clP0ig*MUrMhy-(fDjMa;k`p{YMfcC1kvMF)IPJkH^_p@DD@jcj5 z)4yNwoVTEb0srMQ2XAmUGYQX=;wr_K6Qrf^JfTj09c@%JY~qCCmAZp z)g{D~D9u>KeQ!iG_O`HSV2#KT2A=40=Jo?@O*fPt4L?>v*7w#wA~bABs$hGovz!cH zn~LtwkMw)J7)sVx+!jV?0Zp0ByR5C>Zko-ecx>Cy3s#zmmjC_2ZE{vFg2C~$MPMlL z(MIV}$*|e$f&RwQ)G(X+mgS=TiM;995pO0inCUe`g<4Ucrl<$;?No<}Z7suf&9M?8 zjgcnp*{mnkw|_(k`=O_f0Rc#TBej@2E_Z7I}O-d8MYl!gGGY7o|N&E4$9O~jOf&KMu@+{Y+Ga7>i=Abxp9(@u=Q*NDJj zF^b@U93m?Q3%tS7yC)@4nPpc*rY7MgnmVj@1Fa&2+|5b<_c3Q^I=Z2s6TCfQEY($~ z#*3yLQ5ott7WHzdpXNZ!UGCr&R;^cC#6u}noRXp|UTL-?=w17j7YKmk->|3k`A}OWr^pE0XjG{Fa8>4^293L89Rj+kE zWEXOif>)63&l#@y0lu0DL;!U9WaED<@Iw1+p7h(8fEVu<#rPa)%9Lhwpsx={GstS= zmoS{ksc6-+9K@^-2N0v`$#eeG$sJO&rBLNgaX5&kO5vKDuoPp5bg#xDO^#*`E zf?jiCr>0^4pk+%qD>pSlg+`Xux=6hAN2d(8eraQ^8 zU&Tv%E6S7(4pW2gJ)s`vyK-}qgb+MGNlB^&oUWIbeLB!Vk;*q8oMwDqs_5RfID<6< z{=Ei`Ma*Z|-@BX#GJ4Q{gR|sXE3Z;`N@kVJs@Sw#;JNu=@wUt%m!gg9avF$ZKnbgL zvKzg{R=%I*I@$#(*%fsmri{{s^+c>W-J>)tk0v2YRejz&`vb}68>L`-X6GT{IUC;7 zd}e@zU?=c61SA-0?X;8qjbX^ZzRBR{T7NBAChU8hpxt0GcvJy@0b-KW@LDYInXGM_ zCaw{bJqyMs@;+y@E~gep+j62*>_>{2{5m*Nyju^(gApElICRv5_@|2=(+F)}RNHpt zYiT@-+gM4y`ltnLlhk^-G=omfKOUFeZgYd-=P|B(-7Hz=INNv?df2r$rT`@!cNM{U z>)+!Rd(48x^ZPKEfG2eqmOpl(yE=---zq#((BuncvU5(Uf#Z z=*)}heGFcSgo?nK<@0(zhF_A{kg5$j&|5tudh()HpKKS|L}{6~coxwPgeB~NrZaJ_ zR&ZqbDGjW0%bPg@R5~K7ck&SIuX*>sFm4`d3alYO>P+-KwBN(J3&KPP`T7ejj`cz& z)+Gaea&8ZeUX@_=g{=&R=dL9aGN{CKyuK z|0-AhD)-bS0Dsd;Y;3cG&k(1#rP~^zW@ZF}$Ta*bq+1zjQVy&TWhr;Y2UqzrI!-a+ zKs)tq`)_L!ermxZ+2%QxCfJX#ji!)umMCUG%)L>djSgKfhg;-Q|W-$0wltE{?o2s=p!=4?SkpbHx+l6Evb~dbjbNT1}xrQCPj=>C; zdH@;e`i9Y67su>~l{I9ev&N>{4&qo-m?`7q&W73!!niBm*Tg>_0ESBikyisZuom%k z?lRctFSbN;QZ&Vu2kJ4xY8>Dd*HKFdPWXP*nm4%@8%%}+5x+Vwplf+w%a~d9KWx2K zR9sEhwH*kq!Civ8gy8N3ClEq6?(WvO1-Ibt7NmhdUk-QC^4zMpseXaCtg+*P~A zuBx@>yk>WzU&|+;kS<*heGRE09;#)y)vF7qT@m-L*aerQl^c-2ZHvU4?z7{alS^i2 z%!Km3RJm+OfPkgo<73h~P=C%krPQKF`Dh16h65{iTE0-o-hm{xPy4>W3n;ux)yY0^ zO&xjZAUZs5%mnlb-ga|!m~*y{wSb(H2D_br*s}T!b!M?|6u|+K=0MA@xOP8;n+7&7 zHG`i}puzl4h2($r zNP)yfOSRGKYpy8QNakK<`uB!ps>SZA;i2>P-GbYtxvTU&KYTMxg{=_tFlP#3ThhE6 zs}+-#u?TgwLc4-T7WDxXUp!4NhrguMq^ND+jNB0-gt8en244a_xI|U<2C#x;Vt5_? zsn#EUSi#=aU_x_$oXN$;cZukmoDL?`<{)6p0*I1&)Ey^>kO)bZx|E_xETka!kCW0u z&d0G(!Jv`lgpHi9n8r*bTIUtc^_T>8j9fpuoD}F-4cA5G=Mf<3yhf7O^n8!zwcKT;C;=)>l-d9j?`;Lw;!02Fc^ph)Td~w646bp#yk`WeiHWj zNPbKfd&zz5;B~LDvcv_yy>B}(l28`cVaDFCS=GrJ^v952CuxsN#F*P?zoM(SHpj^5 zmTqOOg_QcZ{&Sr#vgbbQz~Cd|g=ep#rYBlAzFlAAR`7*9Abk1RjM92mz=REmcn&E7 znSH0NJ7(%-T?$AU(9{wXs5|oMv9PQVj_Q>r;ViWiUh?Rt^m%hD90i7Kakos-Cy{+G z;i&E^Q^P3BA2kDa4IceCvA~kk_xeC&jX?!AM9t3pg4u9CDm@&3y5j|(Owkc`_H8z5 zqJN$d_3RRr^SV=ddqW_grlZJ<1qDO5Q(K*j)A9^|WwqpYr&iF^tTlfWiu6w4ZK{Ah z^RRoitO5S+bPE#lh+D3~rog{b{_vJ(v+dbbTBM?2{5lKFY+^2Sl^7KWF?LC_Tu9Jm?{d1|c<{&v;2=W@TD;!~6f)Hdb(lyoa|LNqopPRRRzVUXDO)F52GIW4wr{?7z8v-XPbEfp1Ys z9XGxl8u0lTp$fUAJoZ7?qaX~$>Kpm3+7fl!iiLSQE)BOV{x1-GkluuyRPMID5F81j zx8d;~=26E`;Pkx{Sm|^Vth4)AqelIn`uTnzc5vX^pspoR(szt0E2%uS#uN`v67R; zN2V>SY!o5aX?Y%C+x@;hhzlHeDlt4q)HiqA6@KBeo@qRM+!%6`0UkZC^XHCTJA>Hl^mI~T{?xA_ygPSEH2M|d9 z>tHXhdAH{!<^MhmN}n`ez+{tTe?0%k-y5_mm)U~eLEfbXZl3||Y_&ZsCcZoMvMhw{ zFIMh;^qipY=u=SNJ>sIUEizaz8*8nNs!6UsrznDM@MFSLHUv-BXHzE+mvXX8TdaiI zwE=UsLUzYl(M9HdkyCi(YSp(i-{(oYd)jb5Wqu)H#>kYhm=%z!5JHJn1(2Prz=ceo z?tfBmK-k1xt0^jwQD!v9sx{u#6@coTG-%_NTsX z3m&O{Ph8uFOb}mTa0p5v`&vM6*{qETB34fbx95^KFu4?zEO{N0K)~_Gg?|`{lBj$w zbXRz98$TEhc&mQIoBLzH!i04>Xz+?w%j1CMsaSI(+|V+$_Sk2IR1sbIc%+XDmaM15 zSWN9>vi=KfmQ0@!mxo(MYA_5DH{5bi*dLQOmK^5+xqme{HzNiGxzd&%ykuBhbH=PB zS}pF>ib0VXP2CU92SSX(Yjk=jw+yNFZNmON(XLNRk>JqwNQR6&W~7H`Kh zmHcA|nj>?d%@Ei+FO^)CHwj!j!AK(OhJ3SYJy0=AA1mp1dx6)_dgMKEh+sYQ7`{D< zcO>0z`M(<%rZ-CE{Vg~OsvXa`C#96EFw&6U7LR`u)1s|wXDzk+jPWOFphPEeLT%JqBF4>F$F0idGIOGYR-3* z9#1+@ja3Ne%zVCWiq@#GClSmy4Gvw4$L78Qqjl*UrAjgG<)g$j=F8qNCze$oax!Y> zzX6XOeCa*fG4Bx5=4^ItFox;6g}G`*uJmPmQeX4;Wa|GMjNX`lQr;#b1JTK$t*#Jt zL$+5O?W-Ko-SClloEBTaKe;PiopK{N|P(K_crg8 z+Ob(vdBZpChV&t2HIUz3$#zZ6tbUEqq!0~VepVR}mNd(^yOoI=q88D4APapAKls@m zJZy*Ov|ri15iw>V9qBoHRsf=Q5;>#L8&~UPVae}X=eA|*|G|=*bDH3guJkbd z=CG%JG9L@t20+^;eebC9v27R|Ru4 zc=rdHdwi7SzNq+r&0cdS407`EE5x02k9;Vt#6G%c%YzPkn|VIhX^b5A69+k2ek@Vx zALD_?S%bhIB{V|(h6q=@WHKG85-fWc3${We?{DgjC9_s=hbGv+yO_>3osx(O);t9e`?V;7W_V!Em3JZ#5_9xt_P)#^irwaCh@ zOyLUIu_2GXttLlWE#D1NAhhLgw5T?^20^WgV(#`*N3o16*%D@|tg)rvz*mnJb9-4y zLv<7tblI)vI-vOR3yi2jO+!UtTF$#&hZKXcmK7E#e7;S~F! zwsx%%pJcJ%ftKw4WwOnN#EO8eV0sy|Aq=|c2<3O(;9!VQ0m|sc#;TBQ+`vB!&dDbs zvP&*PlUyGo)5gJF;Rgczn6nvoUDV#h-}ld@&ml}J1f)Sn=q;c47_mm&$h$TIrCZk{ zV~m}vA1>e_=CXAUDIBLJCU!m)cF4|`pmP_SgxFPgI^(U@1j1BNvO`o&Ly1k6l~d02 zg8JJ*J+DudPi~vpVI{IjhFx6>ATJ4geA1_|*UvcN3ikzmcS0{^=CFI;^ICaJ;ZTt! zpu@Pls3y{Cdj61Xw`JjkEt{eeO6_@xMXYYkVgKqj-1-TFjJ~Grw96i0zlYbDvj%^f zN`6*NQrs}gmMl8##$2h9BhP>Iqm(ztn8$l0@HJq(Y&d=~Fj=iQOv5UISzvY9!<`v>gliDhSSN%6`ntJ`ms$2Pq zl7GWmAm_Jb1nU%mL(f>FAL(sVgC*V+Yd4WnH0GNLV2 zqY0&*bEb66TFq$#2W=SK12ueq0@lXi5eKoRv`g`T#YRXr|H){zwp@RL=N z|(szSTrhq_GE00|-^ zxkn$AlG~#Kt|D$yh+_76jpqu6x`nd6CX;z$!GzA~mhdSuW=F54_{RE=&JLE;J>Om6 z?)gLx@1vvRLM9#nX=DM`Y`k)`NI&UECC=S%BVgAei5%KPXZU zQtVgzAROEA>qP>h>=v&r7wu$DUW7qj!-_0|AcT+3#86NS5nS<{@iBoP-5_4UFR?q# zEhku8KKXj`T~#k?yF_c{2BaG{y~rlS@qElKqprWP4A*I?weLdfyHq9uN!R(egnCW* zw=K$fDpss_Z<|#Ii8ZOaCT)$Fb-KLE>1)Ts{w(YvS(gpW7YL^M^0Ep6gftL~I6WyHA+gZYnEBuvZ zo+#HBbZ5({c0vIhH+$vJ7iVHRtH9nGuqn4quL*FleEbDpe5h8rhOFWTkEy^~9I z`l}mxnLAluk54%D*Xa}C{5U>8YHWV&Z+l4UCC)DU2PPxC>oa9l;-@jSNZ;6GIw}Bz zCDR804opEdzktf{nZ>*DJg+^{3PD$_S3t*VO|n7%S^~&Pk)Mf|T!I5n_dOm#h_^lJ zl@`IaWzPs7PpRVspuv>#CyZw+&CxW~c}KGT@OunL-3~jvz^fL;9Z*ltCu4)w`tcMb_0L9}hm}x)0EjMf2{PUK zdZUmQ5{md~NBD}5RHf)v^Bd})^g!l*VF;BTVH~QtkBOQw>hy136qVRf)1d6|`|dJ_ zb2092hE^qJ20n1Iq|n}OT8|U%c4;0^I4(p`=EoMfmHQZ@D@sOxh-!==B3{1kJ=E+_ z(j(|5u!KDNdRz2UGM}(@)S+#L$)az1$(-8H>E$Z~{hNgKyPVKSUW4`TWYeO~Aud>Z z?A&H-3;k@>h>XC5%ZEl3$ma?7`>|e0Ny~2_ldT`XOPEVMkhK)g*-?hVZvTrwud(8y z{OGa|Ecui)$chFp-W)eOQ^Rhn;ZzNY9b>=;nJE@+TX6WqaClc319Jr5o(}0eWVel> zm6Hy&3kRqA_=L9gYx8gXPoZOswHp~4sPlSwd!X~*3)qdJDcif3yL*xeLG~4o7B{3b zEw$Qo(gAQRak>$Usro&-oJ>q3bQgc zv3q-h7(LbAs+8ICj7)>}Rqxl%AP<0_y!Xmn*OuV6x=eQTQ?K3aKD9o$PqSWp*~HpX z0F`})KZLwDtWsiEF0c<@AsF(3#;O=l^<%%i4DQy@<|9&g2`pyDkeUkiar)-7#?;bK z-!>`o_%N05yMmff*T-B=!&yfP@t^D)Kqu?qCVy#6}fn-kPrS!Z)}pNPJp$ zqp!b2^fb@=d51k}m~j`)+Ov!U5MjS#e5Z1W$dobuv+ys-n;ez*CEjW>E#htOZDvC( z@}FQmO6;9V536Dcsw^S-Uv7&TCFU@TqWD;^FfN#HTvN1V__33zf3G9V)~mRElzmpc z(M{`bVZK49opf(p_2%PU>D{S#mqnDSJk#R z_ts#0P>eRN9odA>nQ{a7s3?;X99UyfzEgke%OI6WwiSSa@EizpO@TFk_(|i>H6rOr z5;VmRtp98|$=SXnrz1POl?Cvi!{03L-2c1CWsmZ%G(5!XC{|SHxY94%6QBmi-fp4{xp3V9=xCd5M_hxr)fl=eh3Wz+)NB@ z|C8=bR5HZQI#T57mmI@M8e%K4l>SQk6l)^Xo*-0OO?uO}5c<+|`BOw!P-^ortcj4* zT5yH0mu=Z2y{C=TB~O|xUNaVp_WF0D0ghc_{^U;&COjM!^jP%W2z_9WaXMoOV>#f* z)L`wf`Cd0bbLhuJ`iSmr-a|9NI~}XYj9}jsqQWcuJ>E4!g*`rx9+FEqi%yyZo`$ixD-tb7$ zR>hxTjfP@IAGEH4U&JiZ8w=8Gle61uY8w3)gZJ~xj2A^e`ZVG#+JYCC?e6ZlxqWDX z%G(#<_18aZw03gjOf4W)a;hT6#c%aW6H!q_;}?UiE>(BdTU;vCg2j36DAeS=4JHLO zL-&xi<2QY!#2Hah*<+Psj@)0PScD&4b>%M#_K>2!;#ru_HP^(~nSnE04coa`@t!|m zqy<53fcx=t=bWskdw(lwXO{$&qz?cwFgRJeRq%TPfjf_CqZ5(Ix%P1DYN|iC)PIMt z!_sW0t@2?vd(6dOJd7gMJ+>5^{|tU!^4YH4+jLnqg69@~Pj+8#e6O!oy1C^52K_+(ve?&-f;@R;r4U?(TKl0>+)_pK~mL$-|*;K%klJD zDZqJN={aY#V0Hs`vdqWNE}v;2e0!d@%HK0g4{dvD_GnD*M)K#|LSf3KmF=OUq&W4$ z-B^s9Ll>W0wH@2?krWv#WvrsJVpPOAY+EXtQ?{N7PnNk7`SVK%cjN3WnAG;bhUe;{ z4pOPya@f9DYyZ#w`dH?Bs{OB)7#CJCYgzR*<=k%y-y>H}N5_dZNkd_l>dUf>$9)|U zXu#ni5SdiD_edbE;oz2zl9yz#Pc&rBL}VLBJ82crCN|eRo9Hz41mHFS;M$P_ z9De0Ban@?-XjUm}Qy!p1)gdent}%eiuOL(GQUB~s7)sBrj8T?jc-mdUYhc%1;i-yN z;UJ_$BN9mp6C0Law+3V9?&}H9&E@7{A?X4RxwFRe+!&QW7ZvqYm%B6E_!#9&r5&GU zfKDa&x0$k*(2Z}8d?~Mq4li5lFyK*pqk&<1+Xo!kkCrKrB`KLuo7`Ar_p&D4Zk(-6KB^4udIf$%#P%Z@;;PoStO;O>Zo5jW8fm%jQ zeMa*3tF@dhOYEbCx&pTBpCz*4yRvi605~1is;6}6SFU2~8VgfSs|mL-HxB7-gmsXG zN)ra1x2F~sIpH8i#p`STm)$xqnrx!HSV4G;?G%5uA?8o1ZP10Be_Q^TZV>p_9VMGE z9{wF#s~Xe^Sbo|oz=Il}E%5B(V?T~LKbmcf>%oJJk6a)a(>w|=U@`HHc$=(xj=7Ut zI|fmnZ+|T!r2OR-{xJwMH(E_JRz@2~$>hF9q@RJWb0e%{tl~&#FCLF^#XilAx7qJl z7U-jt##(rOGd~81KK&5}$cn@2mOIncMJ8|S3nE+0+VcleQ6SiSbCNGSJ;;X+9_=uF z&%%`7mEQkua_xZzavR0@+_lPuZ?qoT(X$XiR^7@O(p`Y35PA1=b=%=^q{G0Zj|Wmx zBv|N;j6HnJX@3rYoR$@oZ5teNz%)hj=9~5Cp~*2ycFk>riv3XDZuH-yIn!pVTY2Mz zq^Ydm@H5}G{kDofLEC~F>@+G+4d*A#PBmI=KH%0ffmA;#f#5Hw)(u#2MCt_D%snK= zDK0J0L9eG8q96H}6=FB{$N}Ic9xt6*_PBTo71VyA!a@fPe zxWmTd+jXb0zeVN2Zp6R^y3-Z(gz1b5y#%;E2D3A_Y-`Z4iu!j}xK_6cp>c%Es z@wptLj;{J3;Kyn~&a-2b%td;Vo&9>j;yV*iprubOI7zCL)4AQuTy~`O{kxoY4p_Dd zm*;FE*$-wGRs0$;MPKu8X6GPt5^;k-N--r|Giz|e6nhYoLw{UsCUI%o9|~SrTe(t8 z?RgxFr26`19;j@Mwo0vZjWH_Qhih#j9x77X)f?|)F=sR=vhWDYPQel@fRdjuS?6z| zphg!Veg=vm=X&GshO9Mv6=FM4v(?TD!RBjbqf3sY+t+4Y;v+1uMDxOUrIBv=M!UXI z<$6KAuIJlLU8M}m-q`TgF&n{u`z{pHf@+dl)S9lT&XE6BVtqB&ftRBmiDmXcnG`BI z$nbtQ3d1wkw7mFv4eUQJuF&A>D7#k@E8m}s4VoLHo%1TE{amg|R%wYM9^KAanRaYD zIwI2{W(C*qff2Z7-JWwg1c4!DoA){rJ5^f$Sh#}Dz893aWK$5&dpcot`gZc4k14NQ z6QP>QrQ7PaNTr-$QhL>VU-_M3HyW^VBD#|dW-7Jr*e8lPJ5q_B&EUDK;NjLF~7#U^86jPqc5@YSLpLotG?U298jy>mWHDP%m>HB=* zy&2`IT&sX8dsj}@FK7S#FEIe>rkNSwsQoIn*CzB%4+yBAQg5q=7g=EcSQRzam0&z< z0ai9|BzhRTpn7SBnnq4CK6c!|Bgtondp*&_$H6r^{Mp(`3YJC0+v>uC*o|@U5!g2G zrm=>*wI6~^97N7e^*`{(``Q^HLyguE^G0S}+`kO#dWs$O2GHWFwyOvJ?=3i>(4T3e zug)HG+eSO$di$(I=O<@NPbI8&QRhmZ(B(r(b+v_zHjX&cKFAxKWTGjAslDkLmD(OMu_6-W>-J%prvv$svM-K9`6VD+b!GWTJG z8c|+QH@7Gz_Tk3G0t@{xatZu-ruC6Sv5yhebc~5X39B)kG4gug?-F^ zh!8oVdA*GaFeHi|Q}k)Fs1%t?7%La-1*>y8O=^%Kcb>ks{6C;j?0@?-f)okNEKB*9 zH-zcj+7(x+zpmz*cGQ$suV&j^Stle{LXV(vI6KE^XfdY&U0SfnHheuzliqF0LxP7!Al0hv`Ps?k%O7h1P zyXCZ2!`u3C$~)r9pNelEA0x;AQ?Q3s?%>D3HjixW#S}b5WJgg$LW%g zRA}2fS9rt`Y-iG`hKgJ1R(e+gF@M=O0gWH5U1W@Dg9+G~3dT97ft%jegtdC}p3N1= z1>D_xK4pv@T<}K+DJI>326|@w(@gcWokZ<{U+N-e?mGA$hWsy##?&N33}c{H_q*Ds z0}YWFn9C6N+HXCBa)noi9Bp3{>VNdp*xndusoND<*3)s3z1wUP>I|TyjZx|*wb#q? zRtnRd1Fg(&Wy=MAuK<*{|HzWaRcIH0Z?l!B$2)A)HDzZD=6Dhi1^0{xJk`mTx!RY4 zO$@-Iac(!0Q-Q=hqPCq=%U)7 znrnW9q8@&Za59=uvG`%-ss}hY*P0C-zQ0^8*hr-CU(n2}Fz_|{Z)zv!c!x=8ECgzE zK2Vb>`@+Gx(%HV7zS+Lu$iX)0G*;Ix!Q&(bMsDOgk4BvbI~AvylLiUmn7BY{7PDk7 zoXpnd#;a<_21|Ip!F>blbTTpov~spl28zI&%C39e&b$r60~hdL8V&o{d%(sH)7{3 zMXo4UfWgEYrnOT)RLHCgaD{b%ko0{{U{IY>2T4|cc=kk)d zm7p^E_+d+B&m?RMo00$fpcw*_oP==b9~ha(|(SJ|G(*hCN;%WA}TrChYRp&;Gw;P%}NDn~X13vP!F(!=kH6&X%l zN_35;+|m~96{@=q#d67#YSLP)zM3bZClxIHCYyIM+#xhJp2~G^Em$rzzP&5sQXt5 zH8S~e>f%gJ4?AD|49yKD{$v-@i(h2~EmISEXk!$ZPk)V?$cZT%lf67{KZ(jRUPNB_ zW?{O3IFkRZm|G(Ehxz@KL-Jv@v$jw?k{jI52?sZaeriyY)!;!=4E>X|LHB5q1&$nQ zWbXVpJuwEvlLeB?A_C_X8*Z^`DipFmCMhR@e(suXjm^pqYeEom8$pewm|A?J1PwP+e+d6+U-T{aE}Zv+;W>Gb-r?`vxy%|D?;~qF8>~Gn zuEzl`Fy;sS`ye0O=Ly0<3b0o!ALKq=N+Dh|4L8!9$|Lp{wMPx_<1Zrk>Fl{|>4Ey^ z!7ub-GgJ-LnHU;Wl`nPI)6cjoC;Z5^Lezw@mRP?}gtsR{B1YGOc99JETN5^>`O`gm z)h%&<^9Fiy;Kk0H2pw=^pvL(AqL;yL6j0og3yg>z9-HMtyR%a#jF~__;`NN_7R-Zh z1k=OJvXa{hV^1c_%S7}`q%|W9nHDX z4%#g|fsaZa=hPsdnxoziLW-A9@qi@f-^hg&c;W7mxBEBHC2h`PS%Sp8e^<@L$I%~u z??5}>;=%))K$8S|{K4cG67xL2et|*4CaGl zFBUG0;LKRWR|4zg05v#Om|#P~VH!#VdzG<)8#026-UA{z{dTfg%;7+b_)R|p#*t7|A^7p0jLA_Tb$M2(SJY4YTCmC^BGeekKh z)cGew!?GTp`Dp$3Y>UFtt4h%&EIS~T-`X`LiHPmRLM}cwCr>Ea4}W^Cgee#9G*Z%+DH@ z|3oa zHa~^5Z=p;HLTCw?LTPSM!M}TbV+T3gV9?=B$WE^)rAmp7XtfgXdYR-Kta6%+S&1!< z&p41IM1AyoB0>03DY=wSMi{55TwM&mr}k@Mu?5QR#;=MR9awqYcQC&Pft1I40#8#W z_0$m|0_(&%(OL9t#&dT#AZJC+6>6(Vhdmq@CA~0yxTC_dqSTIOI0TxB&P*TkxK3ZW+hadacBjIP!$de3P3K(HX<{*W?jGBWR`@Jy-fXAy7J0BvAWC2iEILGMRAf z+U3lo!vk(}@q{$|wMt2MTGKIK_9;IRKS^w^y%YR!!*3O)=Eatnjh}7#j8^uY7ox^} zY9_2pG2;mej$5_tmx}Ku8mAx%J@pzWR{~a|oY*1M9!>K*f{1srWYKBXSBmQx-!S@6 zlg+-krh}9=B$5fA5c0StXp+&FwQxWfOfd8B+BZI-Zsxy<8z*IqRDl)6-xamF<|J&BhzT4(fl{11_jgan7d{UesD$I=L6&sn9XgP|O3{>FTLsmGUfhaT z@SRv|4V9kKagb1sxu@y_FEl1-_01UMs`a(mjN9OP%K4)3#{phisBEa&#_2cs)OIt} zb!bm5q&U~&)edqQE74shNtmD=`84LmS!VIs$h=ZaYY0{=JLlH|?K4NA1rf`+Q{yRF zY^Z0S5hqLw8LPAs$7-#oH27qX zaQC;<)eZiVD>gK9;GV?z*$X8te@GIdp$9jbdsA$0zk1GAWfvDAU7Dr`-P=owsPXaP zdiRwlU;h;GGU(y!8d+8l6teV5T_YAu&(4KmX~7T=@NBkA{EBa9}}R@taS zo&oT~X$P8vPI)xgbbej#l-kR~?}3-PT&NA8DIY%&RSI$g#Sm84MTEY!( zgM3(y2NMbqhL75Rt5yhrh}=K0M5sF&I%hM{0d;e zOVYDLq&|y059uz_1`-OA5j29O=jskF(M}}BlzA?HCJYVKpSY3yW?dUfp?(qWLp6J zmItFGwJ3A0mTJ^sIT)=9KG8~2V1a$3YURdY=Ak@Z-pM)u1cI~^Tkq%*17O^U^XH|9 zuJ!qEAX+vVhhZZP8v%(Cc9NlTOe%;QYi6^QvCb<#hA#I&a#)6hQ}tD^EXb!DZDrP6 zpzJO?*xZG&d2h7mdXxKNq^#$6#o^%6^Jj9R^w<#NlV7Djv>fgvU830s%4&0rjlO*} zI^wISSd+Slls?E@O>Ihgyra@`4Iij_Dl|9@&Do{{PPBc&&$roDgDaenUCo|Bk_Y&2 zfzP)W1JW+SDhKxcUR8u_<(h_n&{GE{nU9I4GK zyL$m7$ll1+$MF&K#hONYd9`6#4ahS*r=j{<Tn;2}dtrrDM`0RyB zPN@07cxQePMS7lZ?8|Jb#|D+%u|lNcb*f$y$XWxw{bgDIQ)&yGtbOso1j zYkvIEZ6iBZVi4yA#@q7$ns=0hc5x-KMg$u{7%NaA7oRQ0-l-_+`@gh3E{M>@@<9bntWz`pL0+YG_r6A?<=>qK+)H0INQ)aMFu2h~Z zG+kC#DMp$0g93K7d>QiJ$?ITg&jJ}@R*J@`s^6u)kc<2&n-Sz>@|iUSaFD@Ic7I=F zy37xw5>wUt@#FQy@#c)`-}8?vyICK+&T07IOSX5v?KXnlu>wA$$2u&mh_+zpIdVCw z$C5r2j?1h=tX7soa}Sl6nVb*=e*JW2NDC4J@}HHWI_P(J3w>#Y#Y8KT-qDVFek#t_ z|IXj3?I1gWCPW65 z-893Zu^P=heEnF%$x%hD8-K)DrL(fy@!|DL8B|*lD){G@)m>)apDiF9-K?t2(*lmM zZg=n1+HRj3EbDwr=#IJw{HQxILWzp3swaBp?e01??zxOcuDK@}lm{2ZBfNEalgP9( z&4q&zWnV(Q@fz>owT^o;S}Ja!C9;+#)da@@7U3sMR7YJOg%%$|zg)`qXBZ|m^3$M? zx5t5!=Yhx<4)-)@6KT;HSdb-vy?uzX2&j~Pe7G02bfxESp%E%H*Yn{;K0mux~Q8)H9vmPK16+q~^Cs+qUj z>XKX*wW{~uR(sdu&O~!rZ-sO{GzZoft(hnC&dMtDIzITg&#+n>4TfjQJDgV`?WQgV z|76VP%JE(-uuMgL+gymOTFz`V-wWrbegR32>t5Aa9na6rIw~9ch z`4W#9oR?%5GPR{pgO{^4KltlhQD?23G(P;{wAW#eQgN1`=g-NotRt?B)1BekmXh-} zO36bO2;4mF^~$7jc~E*gl*lj3m#nO=>X&> zRti}++k5-%>dsu7oumB?%5WcUdAz2x!iQ$7miX-YTtAl|Sn0K6b?_hRZa+hB`nWn` zp9Uq%{oz`_w!`tdQ|DSp<<^y^hZydza8oa0HLv8t+k3ep%;?qjo=G3>?^3)A%}<^*cQq{!X(C4u?! z8EeL|y$PVFJv3-n&gIqrE~D`DF9t-bPJK8ntIxB!`@LMs^i!fr^{j*sz!)<9f`kEV z`lMmOqUNle&JJ!=-gLN})qw3u+g=6lm+?R0fI8yNCc-sjV8IMwyH_Rv#*c{3Hdq0g z8EQ8E(C#Dbt6+d;C)0()*5sQ1;QMtUYbhKaFwrc!#BG+yT2rt+ek`-0e%GqJDuG9l zkOHwrZdaSKPspBsH3!jB&K?&5?0)?>4n+#Tomza}CdKx1476ffTj)nWNj%-Et1$7d zPjije8g9~L*;o<#)zaZIHk99J^<*|>)Z$bZxg1=$--N*y@>q*}%5EK2@cB4x@X-$-+r?BEj z&rQV7+V+e%hyW3#D}{ysI`_Gjg%1FlD>8A)NS#4~pvfA{j?)EHI3E6)Mb>|2dY_>N ztZLG;MWYm9@pas-C=$paESWCghTQk3upi1xzH^4P$}OrPTi_b*j+Nmm5{*H|c}HIH zIMEAeI*7vw^;@D%lDbq<)9bi;$^q^b&4#Z-^HrsSLx)FBywt^ptR;0Z-~!G*wN<7z zv&Yw7xmQ(@O0Y=!t)l5u_LVQmqW@iq80(MhY#;riw}hlOdn!f@rGV7BR;RWnv5#ZzSex<+k$Yl+n7&I7LsTr!( zm0#3I15?qFXiB#|nCFG^je>vC1He;c$hxnR2nTs{+5{-J1AZ=HuhkK{i7!o)j_sSa z5-jipOwRUt((`G{>X$8hQ_BuXvMGV}W`TqE^b$)u)BU^%l~=U3!!v&@9+k(*jg09ik+{eN7BajQo4!8&UWa4==A5G>ufj z=@3sc^#PU!3^+}Mz$JbSu_dzjF<*lO|0f+GA^*GQ9+4?!u<@#@v+J5D*%#%Du?RvU z6q;)t+b4<-fd85#F0X$|aV!riK2x*8zY&jgeu#EGuADuh?i>zio|~H9`a2&d*pD5L zcWE4#{5hT;xZa;XH7%G0nX-s((AhKVjWI=&r!ubEpEm{>p#Y@9pHE+4j)lb0_ycWKqYPfDs6=dw{H7Y8aoa9bI^rXQvx zU%fGYg5e1prco^{6$-E`F#56TTQIsV4(4jnd&Hj|FIE9gvvX$)rcRT#Zp5;-U?AsYC>u ze(7~_N&Gaz63QzoJstYfnI}UT<&Z9$7H2Lcv(f*~i|3@jM6i&?^i^i^&_X$@Yc}4WDQk3!%Dh#{zZ4{ufYkETbf* zz!8VHotu|WBysc=qYMiwX^41u% z52fhpuE3u9huGsYQVlQ(S~V`(G#kD-IFJln)d+*I3|1KtABQ=2y8m1@1-O7cPAH64m;C2s=A-`&A=THIj5_=slE|$)ILYugmoX`Dwm@zz zVA>$(M?X_bIv8Ca$HF@x)eC2%xv!>(73yKy!28@@Hl&ZYmZ9a}(lVf}LWYs=y7WCQ zBQDDio18p7#@*OFSJH-iCBJ+!*z_8WJ!nEBS+F9?6#V!to}^UaK@p^!70wn{SCL`` z`Zd;>(UY+GFWR&q={Pr5d>sYinT=U;mIU&u5IR$m3{91Gh)hR!AO6Q&v7oviW;H!p zwfj0lH7ERdYohCloD-vrb$dX_O_2qN;T=f97ApM>U(Y(6OSJgE0Yd6hHKTFFHBI)~ z0u>%vNXB*PjAz50`Q8^Ps-I8H7bKQIXQ(!O&-_(>k*BTezI$9YyXOs4Jd!!}4`(e0 zq5W!af`b!gS9P~H0}re3k199v42C(mt~eDzp8?s)!?t0XDxt`!9Uk;-uWy(OzFRDA zIZaZ{QElcToo_P~1{8kxgw5V~bvGx>OW=ERZO_VedxdN5KSeGNik7F;WF|nt3C^~e zeTSEz35UlSb_Zvb=-1qSs|YWzgF0?UWf%IJ1sylP z_`VN_Zt+T9TdYpk*s39n{qN`HYoaS!mIS}I9mk@>8jdn3!yL<~<$8zROgG*|_BI6a z-cf{}@{_;f#9~w#e$0*;2-Uo5Mv09|?b`pb*L}B( zLW=llEx&v~`iIn9=IeBD3O@QD$Dk3 z*J$I-_jo$M3zYqfk}L=FM*}8k@&4?ze{E8GZ(4R(f_SSK7MWQRTJgeM{i30VT%$se zcG>@J>bMF4D)^x&r(xg1MNF}+7{@#R9vdp5&r1Um<9^Q4dF)E`B9sDMaR_qEBIdEY zOd-P;IiJ@?@H*&EJ`AQzeV&Lj#8u(iO7^jhS(XCA!k~p+U=tlB@!HbT_h1F z2|ZnivI*V*#V|wd22$m$qHDu~N8>(;-B*A5MEUbq7R3?`ALj23DX8=c-tc|}jm`|) zl7KeUibxtmjrRhA4h%1zTG*IvI*jfhcg6`ehIwb$P)ZB_uN39rChO1QfO`fbSq3nV z6;IB-DzCq#@1a~*9#*;?@L*h-ZRz?Yndln}tqAN1pon&3BQKPf4BjUa5+&y^N|jHH zf~`H{K$||UdXKk1R-`sRr~PzhH=j3bbhX3cd*rn7gy{5WZ`h;pNDs%_YsvLT?4~1_?eBOok7?+ zbJegambBYr$!)g-qalt>wL)_Z_*Mwy?(b(uus7R(P!hV{dcBjQoUP_m#FgAe2=sX> z9emAZltc`)uOb#y3c9b7c}(`Br23!b8z8ZEdr!g))VK9>yEaaHw|zgmJt)27mpVS~ zFJoYjs#piS-+Bk;k3viau;v5^g$7xc%7W@O$7;?VKR?OqJ0G-{-M^4DOB3E1R9HSS zA*Dcu#6S)xuIb3&_7gGz!eNG1yal!9$w}| z!Zg|_dlsRg$@Jhl$%N49UXkz?3i-(u0CXyHXHeX$G;NcXg}ST~K3m^1s=F6u8&oTp z_r=%lJ^i@28!*|hnvTXOy)~H>orX|;qf_>B4c(|oW$!?~u zhVbBPEpR~LIl>=w!Ib;qKYaP*?18DZ7M#C5cp2P z-0M(0kIUdA5s>}5>7Tjs-m3!hPn&d6#RhBBkDOPCm=VDpk7ubKcTic}Z4MJyeGVq$ zI3KqDdNPx2&A}dWKq4456p8~Ms*CQcDN{e4^?|O6gn?HKjs1l~^);TDT~6H>Oz$Wk z<0!59ie+ApYO7nB|D>1$@Q-6hZh7lpB;aIY(!=(^%Rkh7f4apI%oCW@&GCZt=sM!P zZ^j6PI(t=)QMtXy`P`RT$^yxECX1qS6_Did#A+l_-X$d)&VmMnrnKeRkhq@C%5~## zN6P4~ntL68kw$&DPKQ$#PRS8ulEZarT$k08GZNtwI*O^J6PhV6`fe@D< zxaMbE)OeR9ieKfmvH%5|E$noujra#N4ANnf%($ci6*2bVoI$5L{GFdyVjCs+LTm=i z@1#^!`yicgex%5^h}qsvjg*F0BqUMt^J#zWx?f@Iy*uT|PjOjkc>4&IYX(g06(^~A zKq$4?_?t~iSaW2`kQYM@HBIduRqcl3I*D{PFa`qUB>dJYW;7e@=V+OL*0 zF=n`*%WrbXCJku68K*Ok4;{Q_k#&**o(ZaNmP%~rv}ZGk2yJxkjmNI+Ypv9?H%)~) z5ABGo1RP0#6%M)Th{q-h&3(2dqdramQ655d)aP=_QMT7_3Qk5vx3)%R{Ykw85+6Ao zTg%G_GRb|EU3Tx^9TCm?Fs`R`sH0ABU%BPHLi@qtVRF(Sqa3FDP8jHUbiE1q)V4)f zk2v$~?B#2E@BsHEdL#@RV;OXZCO%E-4K0Ng$EFCF{r%jXvA?*Mr=s3==feE-ol?q9 zF=-(vZ$cnsh?`nOr}Fi6Lj-6xh>rKGM?vh6`$1&aL#U*DKC@2YeARAfWA0Y&lSZd#T1@?vFpA?w3jH$=H*3^qdp$REaS^pM8B)wFVNU#Y?eF!?U9 zdLzgyJ~z((>1cS}f5NDgNNVe2?BO?{+4+&utUB{rq`Lul2ah&wuBN$f_==R0yM&W5 zJjnEQ@FMfK9qz^6-jPpXUQcfG1F1nVZPwFG2@l^lx+|3$>Yt($dh5PV`$pm#ic0>V z6cWAFMCr!KF;yhvK3`tHUD66XYHYV2|7*N2=S_zX30~cY+^O2;2gXrurNvlMRlJU# zm1=6g^`OF@x%}c$MY?o)&hKBj_|*fT7{t6RV}sS#UFHV znlEL79~@3R7`Wfs`!~M5cR3m~OA4<|H02BNti_{*mCQl(pms&?YD4Ah7epe|17Yhc z8^qEkU$sZzp`N#X-~*)vvqk{iE|UqL=!{3;j8o{@s`6l8e61zb1%?WkLwpQm;SgY%o{Td!+tifoxb!;eIQ>9TD*=#lx`N}v_lSAkMGI%D`*_e&hy!`$PFyT<6 zv+B&Ef5mbD! zC)k3W;YTXKdPXXQ{G7rzTv!pEE?w~Plul3y%y#X` z{QY$0E*wi0(HcUTQx1lccdlh?6zE7OUsn8ALT!*|1P6`;F0VN)*z!oCJK+z>KKB+D z8wfmvv-djz8<({@J;ho)cn$a4yT4m7M*C~8Cbto>f8u=Yb-)yewY+7PQ#x00W!KUE zb;&VHV*ZjW42rVGu(NnVe1B7^8_FypM0{U{C>LKwS{sSOD- zI>*lTCbo?WWXWk6tD3IZyC|eyQ2)E}4A9p(WNC#w{bSs;#p8Hp@d|ello4`H)FST4 zW(QOH{4Mjns7QQIYlH(;2#(o{HSKdZPEIu757Y2$HD`8GThft%oT%G^_3*6soj>~a z-*fFHPlK*_0sIy*-epRE!E)qe0@T(YES{`w391{PcvL9(GO?d>_8oDmS8s2ZZ5F*n z=2SC+=qm|bP z4}Eon6$eWd-vEpJh)1i$s$|dg2_5 zUqhJPDZdQw!%rE;jd!uoH&%z=Y2H?^GC(XY6kOQ=)q8crjxg%1B*SZ`)p@ri8KlgN z&Kcoq{ie+T)#X9=;3~(pp`CkWYkDmAdgJgVuyJC zF~{wSKA{k93p3{|W+>aPcl!EB3&E|bRgLcISvBGWLOi6J&25F)7gbR)ihxvjm( z#FA8xwtPL9L-pMMkS;}l86grtm6wQT9CZn}Z(phZFm2^ZmY6974+VQ=7=Na@#mIad z1x5^oT!{cO+wM2(=Jau1$F59Du|_N1vVX95j*Muy@QLZp$kH(m!D=sRR?EGj&6BjD zXvlB*{Hc_I8*Y~{2f&U_?L5Dox$SC^%GPW55)!^*#!SBA2fHxRjB=0lpr$z#zci%{ z_P$Vex@55{;>sT8uv3KHk&T-mNQDz`^zc^`Ct6@PZH#Z>j`A`UcSa+aJ6tjE2oE@( zQ|1sgKN|9FPdP(9Y9SKRlla%}F=nk0eFMqUo@fVg`s8nlUi^*LSPY!2kY+LXL^~lc zTIhoIA6E2up!%~RyZqiz0Tq}{lwLSu^T?kQSr!>!aPgGJvkJ54e#=K_vCJY^swM}} zC&|?}PLzBOy0q2akmf0%LOcfAa8r=Z=jvOlkK?T-MwAKRZajIMrm?X)>NsJlTtw-2 zpJVIrAv(c1PnI}obf~Ez(c}!rYs4sb#`}7Zk9#$Y9-BMa~!24ZbkPxOYXx{cj<70)vuG6b_p5aB)j!Mcs3 zy1Z6#?D*H6*^pIw`SCb+<1L@CNYDYor{D=Nj}@$)k+jn+(y=5*sPN87uYR4ScLt_T z#Q1(xUNQUWfx;yJ*R~HNt~+CT z5k}AH?A>|?ZJ6D)m(6Bdy`Bg3byyrSJ6sRkM)YvA$@uE_3K8g4&%A+EJ_A)HP%7?XOg6dS zIECkb+}&rlhh)y-^uOT5{s>zW*YHIpMGNGc$bXm^j9$Gai-9X25VH{9ohbkivLjNN z)$>30Zj8?;5aM%MLApbe10n;06sgTxSjUbj0gACCKAyLMFAGY%w|M)Mv#1^6xmG-CNRZnozpua{ZxS zUvj=&p3)v0&)cpU$V9`82F(VjeK!bITvV%GwEk9dN1n@P7?Bu@|7T5e)0?2dl%D5$ z!}@X~YZbKxCH!;n6KWZU1@DoF2uR!)c-^pE%7z=Eo{;*G-IXy)?VjtdiDM}>zO@DY zueB}4nUF|3Lz`uBTxpE`qfB2ZjFQS{eKrZBN>HmMoqkQ_>Cz8|3rpU{nflKZm{+mE zcTC-WaF%=Lzks6@LcEt_+htC(!%Y1dJL{JPi6D@+2{{dR0_^7pM z^18lOn84rLZb*$vG`w{c7%0q*jclf|@#=hO!OH^n!A`t23#NlV^~@sBCkQjQdWJqG zd+bpSGdJ?+wYkexrw`b1@H3*7tFKBl(zG`t{E=KH=rm}u_o|*Fc4bH730@sYB4kY$ zN)Lh|?<6!IpD*S;+|}3{Ub3XPDUp<%>9;2s0I7;PjrsnTwpvdPWscsu&!<>VD72nQ z16+gl9HqACV`s++Ii^Od!{99SUP7R(Rn!X<4fHP6 zqRm?X_F7S5yG zN3{XbZ|C&ANt+Ra40~O6WtZzF&exV6=8fkskj{PuBHIA*ER)kWdm*Q&rByPXS z4(hso6330l4>erUgb?)HgV?`6_~m6i*bskHJ+PAbO0ua05_<@x{~?E8 zu=sGOinDH=JcDOF-`@x9O_}Cqd7XtzjEtQU&%XEv00NJ0LtRO-u%OfD=t-Lp({319f*&zD28( zAq`n^W=!AxMg!bhxo<7vtLp1Y&3JSnDy9)V*_Bjc@r_Z3f{kV_Y>kjWSJWcEFw(nd zKOTx;iLy2Owf0_~TNm4Z)e;M{exZ)#M85N@Pn=05@9Bq}SnsN!eU~4Natzd6???Og zHtcr1R+7$K6^bq~9J@FgcJmhHcIxR-pv)Ey4(-421}9ZU+fS1F^1$le9Xa}zN_Rv| zJ+Wo{&69e*w{*VXg-&kauo$3N&1}h-(Owy`HNphN1K6E%L`@C`VkbiToO{zHz6`beq+b2huf zpo3S8HN&|tC#uoU2REzwvJuE}TP@+1r&|c23esGJ=Y*}J*kUPUy%m$WEm@x;NrjG@ zDIf}wi%eT>tA7G(;ObzoZ_Tk%w+fVxo1 z5pm-7Tk#z^FTg$P2NU{@?E~xSV*Yomh;#{O#^b8hs-uctxm9GQo0P--xcJg$}*W8#xk`rIm3_aw?O<<2T3!1ZTNv_ zZc%RRUs-`_^dzrw$fkIMM4RudTJV|J0a5XvgpH{xP}!r%`&C;kHynQQW0)-s`-GfR z%*CB5MmHM7fgYRD53$NGW1q-vwsUX>{yN3>a=N+pzMF1?jtNEnvw`zkYqnhLnoO6Y z7QKb$ePDen`F(hcwmz#}%+foYW}8D3%u;cav-D~#I5g-ly5kbihw&L0r{1iOJSnM# zIyg5OWGl&ZnnY}~$> zZR4O>`=ENePVv^lvk0MzfO@D)nFzbZ6MDbHd7poj54OjShTgfBUyTg>Z(v_63-pxy zjioerHLmkYV3~CG?&jpJq|IW*;i z6y(05Fmb(`Ivjjs2v{~T^jepQoam!omyDdsvd&sFS#JDxXfzdNz2NmkNyQJmlSO58 zv@j?WMIK?x-M`Cs?q<29Mm}0Po!(X3jS$Pwin=pBXf)I%J^)=LEbT~B9XI?tfkF3K z9+lu!(n=C68RjoEUw;8@F-M&S>sQRQB{!+eP*&9%ucsQdgAjFt#zD_}Ap?FBzz2H0g|+M+rQb2kgH!x|jEF@fQi~ zm85;N`skV#mUFq?YRKI5F7b_EG|>W-l2~X58N@!F7Ed~YcD(pulG&d2zp1*KU0t}M zW5(UxyW?p?rV6I78%WlaC$fiJE3W z)i!7dHgn_Ly>+7^77rXM4g9i`6tuEiV(ky|jaYeTJi$dDy8?*T*794jAN?NGRFr%< z-uEz-x~gQD_~KhtJ>a*UZ>v5q%IlBDQ|kO@mR!>jzE*5@zkuWjFvA+6C6FNxO<7Pq z8kpH|#AEfG_^IAK@?~R`+t+V`Dv~kh_rKXH8t!zH30*Xve{r*Lvi)2hfaP6!LO-Cs z@jhrH)oaYhdiUj+8h>`)u~D>oEDcxbDgvYESB=bpNt^bsNjvBnmcqn1gSsVb@s|hp zp?-0G%Z+6N+|OY_s6$AKlDgGkS4Z7Gw2$- zJ@=X+NN37V8|KHN%k)ck!1N}|AqLAvk=OIr(=(RI^CtSH5)PTQS497tw;Yw1tK#J! zN_77XKmXHDS4#Z&7L8sDrMX89}$BA-89@H#9d}Avf%|Y8P(*Plr4q zg}l9XqpLX~ACLVwJ%8gI(x9}Ee}J|;<_%?RxIr)9Cf;&QPrH8^`0{(~4*tF@GQzhT zyr;H;G+fOD)!|zO$xcd53J$J51@p-g`K^xbrfBF12Zz)D-vvMHT5bae=Z~r+EA`RO z?9>!Bop`XR^A@Kt%TqeSN;;jzPzwt7oFE78=k|km5tKC}6ekQlCWP$p;PHuOubyvT z?*j|Y+Gah=P*H49{H{$MYtL%@ejd%$=*$OK236|SrkX^nsGNDs12tNYZUsgu3fTpu zTu7TKTZhR<2jE;b=df*Yy}L=Z9yklrDK*V;c1n%8aaJQ1kHDFd&#-T0Ho8z#2!^IE zEFI2|W00-yN<41LZYbf23R#hhEXHA&$gjmhxlF=?TI@P<6^{u^o|Vebf>z1Ha?HX{+{V`F5NJ2= z8O&DTPs5Y>FP`Y~8>T0H9`Qy{nyYYZWCYvZSH(21L6%3hP@=T5_M5iGkZhWI1L=zi zo#{cn@vL4#CX9t@7l{2|P)!xY7xN7fMo@B-2_d{Ms?_H5agtJ_S_tO>FP;2Ry z>p4xDtlk&cd?A4aceGp|@%GR!y~xDMSc2R?fSkW};g_pkx4+NbG~H03s7E&cAuj31 zcfb)M=lAg=aKo-&KU{KHtEXD@skl(%yjl$r8O zo)(0V7FIk?v~Brx9ONhB&W*pbZNeL#0L^!zXrW32@d#~y;TZ9TVrm6zy&8JG8@juCFqI~DBMKea)46CEx)WU;%QYS*eD8j*%TEtjki3s3Gian2kEqOcWYJLeLXz@SsNk*ZRn7 zG})nFZtfV5`szmuP!$$o-->|`+Uqov+0Yp7g-1l#&`9t)%rA|;(?N9D$Ph+=2PEE} z3lN6B6K4qej3v*Nk@*rCBc#YLpxE?IF=I!UeDovo#ymRXFTAK2^l(~BE6kc541}9h z!D1*web4HdTAPJpp z0l$j~4O8~b_e4cD^Z`#vnpBofES3>0*mprXM950Sa-yrKy>_5-IS5dX`M~a8A-X?r zhXQ@-18PvTBBX^GJqa!!yZ)U&eUb+D#R-DMQykpL2L!*En`*cUd3Z(s z3w-nzhABEUg6h_`-djtNOGL}M#_irwrrwy|?@eeVNJo<8IkZ5Psepfo@OaK}vJ@yD zy59%qU*XY`Wzj2_3gD4q+3@ATy3)w3s7l0V(dE{3{$>iA9u+V%NK6V7(u}LqvphZ<|pp5Lw-j`n>!ax3G zLA~|R{M18>B>!wL70R|=O`oM<=62Y`jI=SIM!NX#g%>M8UsdxX#!{w z4!;G`)-rC8Qh$l${?gh{OZ{b?YJn#Xn==9Kg&qae%Dq-3a^xyT2;WJsN;mMnZksn3 z`Jvb(Iv_$&s;xyH?hM%-89^2vWQR9`yHLp`A<5PRVBePBB%qDTg^R=eo~#dwO5lS@ zC3gVYOaMXv5N63&!VEe*`5+90v1zR!ArUqNA$*jJ{e!BDUCBQhVHzBF`0KCnNh#>4 z_nYEG;VDXS00~O*2wAd5$y5})jT;#NC4A+_aJMj88*+eR{?hUn2}dLZL!*9eG$s)J{#vx?|IsRDOy}x(?fevCT{>T>zGrUPg>+|Fp_O6WvXX4BI>0iy)@&I*Z5 z&D?f?H!eK`yDZeUgcj)t{X&<*G4fWC3vFjpR&Jmoj?V?o92xZ>#t{kcFY<)o3(O5O zVzSuzVrf;Rmpe`+y`dJP@kgI}1Jx)6x)*QVDuOLTzrIf{VmYnJbIVVOzF{^Avn~BB zfaUI{8Hz)?v>78Eq1I>{iW~ODk(*2|#$vVLK?_YLxU9)c%1g`NVk?cey7qHpj)aq^`_iJNYta2%lARcLn$omcIs+zXI-@HoScM{^2?gYlbd9 z!DTGT@3ghz=X!sJyA4R@-pki#&V8Bg*_RD&!M|>(&7g&S{1Y-n%k9qL+vturlyo^Y zN$qfVRE&cq-aRY%aLfIKouORV3sJnFhnk+RE<&P;q9)Q{UVh;zMg0gnL=WJbU-i zXOy6Vy&h8nUmF*f;^_d9gal>tgq8~Ahi!9$0Co=M1ycjznVcxn(V!RIG^MKo5yl-Y z(m)}43Ss_U^-mk`bg24R6KIj{HSpj2tx~xRkosEOukE&Nb4P+r_i0qu1lPEy7W1vw z`nfNQC;E88ZT_M{yNIG~C>20XA3*FJMV~Gm3%^wpj}kdP(2?|l@YgU4~Gn{FR4#|+ruDv$cS|OMUMr3~&yNbXH+X&|fo z`)aSapaHHvN_86FVA3(^Rm*RQ%29Pk7s%d1Iol!CZ)vynbxlA;KD)8J1TL4-Xxh~v zLA+A^9F~_doJurWs&)~&L;5}llD%ijUKMMB5@x!kvDR!bX_)k>mHtmth`z7{w$(LA zd-Gsq#KBQN(^A`l${)!+PJ#>y;G^>Hf#SkLTTeh_V%+=D9hd)K0AvCGEdm#w!T*Ls z`F|@zR-d-%{pU0%gS{GlsGd7JX%@DXD7aIu1xlpvmd4Dv`8JCGx(*k)A0$3=Sz24! zl9KYe!GFJ<0$BR@<{IyThIPE;4@23j9RCmEA_6N<5iSPxOKS)ey7e#qf6atpRplIc4(R`W0o)fv9KPqEH#m3sUwP7!-Zc#Bd!DK7yq3Kw z$3+ryr7Ly+b2~p6h=IS3bds)%-@R<&`%1a>Kl5!x{{9G8AS~q5?pDYcS~X_G89q>D zn~&YI`9QG=J^d2^ttsWM61$#~FljUb8FN2B{zatfovA*- zH#c9TBG>@FrhI5MGWh50XQdgB);q`V)~(=8>@YzG{MR*{N*9I@K3hBUN+oKK%l2Y4 zXH-hv)Z5bo2`K`bAOVSzY>eRWmLJz@-9JS!gA))bW@;0Kt;}3Dt&xVXk=JAt`Beli z|K{4mjV+aI#z?SRsXo@X@^lYLda;MEAMu396nry$pI){)%)f01(9te`>{@7Xx+geYafP}!3V08RRf$NC z);zq|(Du4B%Xe);n&kUT_2NrKcM9jC&{saDR@nA8DECDG!RzwJCzT(IeZ@SU!^qhU#|jlfmYH%b&C3drZ!@c-*T`A~ zn@p3`Gk`cOCva(bXYNK&AObZxs9K^w7=F}-+u?ECPvHrd)xoF69C)1D$FzOLUHoyK zMZHytB%p^^i=;r7R+??}`2p@()z)L@d$cOdstrij9D}BobA~k>2o{%;i21OYov*ZF zkh)y%V;~^3B+10Ny>!nkYe=}zOq^K!Bi_|wCmGC7QM$wDaK9FE*nF3D_eE{Ktq>yq zg-@4eueT1!K4kr(F1N?~EVJu@cx7jpjnkhk%)?V3G;tB+^HAS)F!9eSgejMma_0NG z=#pD%RK?cP*?1c4D&LY^B8ziXRhT`KH8x|`hnXzJGHA0(_E*l~gL5}=zQ5pc>aCY`z}|X^OzVccl|PwYC^r{F zd&7y#;WsZVGTa;3^ClbE?&8zs*L;%A;eR~tGAj${3&_ug;(OFpyaSl?6;u2Xs+UE7 z*>GQhPz(0E(TTdg><6p$4&jxE%PgkncjM`|B30?TWQ}}Omav(py)lLZOx*gKyK!NQ zPHnSMN%FkY&tZ+n>g$z}h7%Xw+Fl2rmTvoNwc%sT(?zYY_6RZBRv?#Oq&VSJ_(5&` z*oqmBkY;I!mx6T{rsvD`WT?^XD#2eRl|^ujo5W`3)3@LHH zfZ%o3FccFu3uYVl4v4ZGIuIB~g)GuO$_r^rGM!$7=*VXjfk{Nm0IFTy# z_{PNXMqG0FzR0 zV|H$*g1M%h1TR)bNQD36isuuWEfW34EJ8N}{oq#ok-S~Sqga&P925o88=YYL;LIVh zHZ}dnr=q<^D|pL7-~JCtb?hpl0P@YY`@wYVRQE82^!WiwM`S>m)3u$@-(!gK%&h^N z?ev)jeFsirY0yu~E5^TgmC3UV>nCdx%AQ!s%0weMyBw~~)klC;o zR58!#rthLtkqYm*iNkBSpL5G2k*FF|QM^HIBaP-R;f)6R@|-24xE^06J9PA4KvG#+ zyQke+D~eYNlnv(GFDev^(I%kKqngTH-NrRL7IV%6f&Rha4eOn0@^>?{O_F!Hi2U}H zyVBGW2&Sy@Zp%}xvBAby*MA-kNQAIwUg!=54RUdL*4GLBe! z3Y;%YAMp8gG%C+Uc2$zQE;!jun{=%ji67T*~11`xoK{uvPJF&7O7 zt5Iq)E9WLEpPV6toQ`wBcH3s_{J2Iwt1_p_+|$T+1e4aNXyL{2)4wY|iduu5UVm^t z;Iofw(0>KXJ#s-+4MwvSyX2vNHp;JSu2M$+HFS^YA5V^8f#$yz>sQ_6XwR1Hwd8r6 zEt~WBPNp2a@)0$yL=;1A#y^l_8g{L`MCQhZYP3v$AIFU_K~LCFQPm(}(AYx9b3#ZD z?T;_89fMY~{3RdpkiwB+opGZk$&g8rQ?TU}Hboejr@l>V%FQfd(-_rD-#(&!%~+H& z%Pusi)I6)FoEYioB(=RSD%f#gv2tfQfH!zT)x>4cD*z9mjq%je7{)9XKC#at43IbM zHC9Qy@E%>Y+-c#a^iVAOJdhfOMtJ092!S?xqW@N@hbKG!B8Ov4MAbHnggA$*UZs+t zKRRRKRHpv(T?qk^uW;EfyY?n6490FA+lnlotW@vs=BVvAKE;MSsS$+TDUBFUbzPQ! z{5jCzt*jS1LqlyL^uhWeJ+yaSr4CRtCW_U9U3T)dgiKa&K0lsYr|GHi&|XaM8!Pob zO@?hb>7Ib?G46t-4I0LSuJ@DrlH1cy(SfGec3NALxZaB1^k5j!#<1fR!Y<-xC|{g! zuvqMtl)??1W5^8Amyx_d4d8bhRLV}~c~lN519}}kbT?vmFL~*K4=pVB6JTN{u3Zx| zdbI8I=2EWqq9(F;ZG>9u+Ov!tJAdQ&v)WEO#^qb>b;VPfo)L6bQ*-ygadfEAAc><3 z>bc8IkTXznj0^n%;U?Vs<^!ytEEM(LB zQ`b}dyh4$XIWCNUBw=#_u3_1eAU zr{|M@uj>)kv6LzDTZEqNg#TO1eMd(!e6c|3j(*5%^O60rVJr~q&?ncI>@-Me#R7N7 z{=*gC)?^rdlQ!oQEVEP$`MCse9ZE1d_E3OfS{d=;it^zre%oLdA2H9vmr&-f@9lHt z3aC+Ahl-q>7G17z+02o)$utEj*gCj)O;I>S!n;CbZ$z|P$RZu0BhF%Ms@=k?#H1k9 zme7S3nK9%eoWe_Oi^iqkfBMy7wUQrCY>+JtPlQ5E!5+X}G;Nm{tX&Ew3Rb#z(Ro#P zi|6S!cEz4&VDI5t`+!_|6L_U*_m4oe*CcQN3m()l8jiEv@IL+OLxaw zR7=H$TJp!~6K6>p!H+2S)hI&3J;YK(X}7--mwDC^w7MAjKXG0XfBQ}n#z`7>U>HLK zvKzT&{&4DA7*_m8E1PR37+&ubXGGhAtTaY*=ow&V#NFkgcdwKcNxmq=7{Pwxx1w&A z)(aqwnVmqE23%^Pn1@4WNO`V}5rp1Nq<Kvz&CP|I&lZ^!Le zi3`S#d_}+uPP$|fImU;i7zGtS z3X#N|yPAoVsGvc5#2<@)+LOlRFRJNNTnAO7UWd&(%?}3={-9@9$6>FU?Fan26*ACb zDv=QjMRKSfw8+biB=n{YNR7IklRA*$2Z&3ulB9Ufq+RSyK@?Q_H$E@H$ZCh?HxU7$>AI%Or$#I$1R7rFodhpHIYDBmvLW;M zj3$Xa0hq{ZdBAqbKFGg}I=;MB#U^}V=TKBAPq;C_5Mf~i&udHK^|?Fa1G4lz0t2~% z(Yv%5Ddvq8PyVBJfI@N|G8NDmA2^1iYBe@x`>Sf8oIHhiaN=YfliK!fREH-*c{sVq z!FY^>s<$BAN*}d1I0>ifMU#m@RYIL~ybZr*ZI7x6E!na#EVoZJY$h}T#}6mTFmnLj zkY94*JDK;_6U_;EK;aJ)g^2Hs3KR_%(2596^(f2MZWMgSVJQWRWybD5rHFXdNJdl6 zc9Bj~tioHuWW`mr2*SAOH6rYeqxal4B_3UCBze&{)?=a;OYXr-^2mR&w#FsMBJq^4 zY@IMwB1o#i@#KT}oZ>y+wYWl*k`%c#GyT6h-c3Ng>-#h0g7PnNIGVoY9#y+w0mbC%1L-SP*qHd()aD67TtqV zD&cjGiy+2J-V)C`Z*Op;!dpoi?T99f$D>UkJrWH?4M+aj(3NFH4`et2U)S_U94jHb zdUjPtxLrBs!5TGiMG6AkRjM2C;-+a<;n1w^H%fle3dR~z zeO6+3+vhX(Ftdv2Y#r=$2Z|~;obR|rv!S@p9O521M^I^lWg{*Cs!>*Fk#DWl#SbUw ziqJ9{kB39pIiGNNm1Bg#AMv2p4iXz$i##2im}nOpOb z@RymXKj?@D-kdVzDp|k;(TaBO?r`0Si;)}~QL5k{D6kTjYstX8zCzeL8>==!%_bv4p9SZBhmSf4woDE8XRH<6wRXY=W`xQ^BsLGG;O2dznziV+jTSe~1{&G~* z6X6za0JF>IolkFkHf{STF46>MQt&Co-ran_R{BTG;`)K549xyK4L8dzc7hc>Juz@$ zUp@h7aWg;*F_3?rvLx+&$BN=V(`a0zLaD}0{DYke%bwVwbxKpslH4ueEm1X%zm)1D zQ<1;B%nRFX%+N!d=t+;K&df^$u0TQTyI!D^?Sq~i$?vspNt1XuGw1aeahx1( zr%5~J107I>Jk1P;^k|HIfT0n-$~3egHqwTUw_4Ju^rYnk#E`l^qFeT3uDlvds)qu7 zb_cT)6Wd6EO@nus{jr==NqI5VU2mMZSCBn42E3LHAoxHL)3P2$MF`;EKy@axD4`qb zYu{XSFfg9h5cvRLsUaVhF-x*+J&m4+IxsCh(*F`U5?~Mp#xvm``5=G7I1H>xRiNaY z6EqB{ZN84X1nBUpW>)gKsuY%0TSTIWjK^YqwZ$+2u@hr2=y zQqQ0B7P5*PexLxB>?qj5)|s!MX_jF(EHZXN)a21^p~&ot$aQWq#2^XDv2Vx6Ud&Jr zkYe=GUmDP1Lhd0sEHcrg!RAp_x>LS!lC>gS7)S6J+56KW`gIS}5eq+k_>ZPVDtu8vn;YKY-kXUBff$Ohn?>s1D6qQEU&Q}|u zxS~*?w4os2);vH}T<(#mXJZ&5k?aOs@*b`k?H7f`Mj}6uNZd0(nG#D2M3gej(Nu>3 zr4PvviOYNXJlm2YZ|6}t0QCgQLvacR{BX(6qR2`6M58NtItP)LFZd)#3#_)H8&tdS z1zW`@qwBgzt^@;J&J~$wt1Y`0L7s-6o*ndN>y9!WCHl5<%(DW=0fP2iJ`0^pE=j}^UCkf zdPYXohdg|9d<`DH&pJ{Au#M;uCEMV4<~Z9vUT9mf3c zMxoVy%}+Qr)48w>)eYuNBJ)+j(H%fT z=Wb2#uGn%2f|or@oVKl8TTsq~w>&4Q8^&*6G}m8J%$#AYjTH(ZA+h{^&D-zhy=$^> zha?@ZW5y^5V6)#_J!t)U0`awXZ{8jw?erBI=kXHA(MMAyJc2NC-c z#D+diqQLc1!^OQVgTndPIm9ZuT>Gy?j4W#^R)vmp=C1KP;9%DECo|CS;c!uq9~$z< zF|R6oxAr-U+jjQpJD7d(SQlsK5f~TRNeQJlOLIW=x>vmkx3yS{UHHopenWy0+xSn^>DHTh1AeWkvj}hNmr4o zxD&|^vodbm!NWVrY`ZJty#=z?{1^|d@O$m=qQV}CEMg+vM!A5NPbP>fmI7!LVXj{H z1TmN!w(q?UVy0hU=b^`5Vqq~GAN}c3;$U_BvHbyee_tOZ5^Rd%0;O8oy1wv0>X#$4 zybTda+%)iZ=m&y{c1^J{^JaNMc%+ZR{BTG%cYg0z{Zif;v&DP~sGkitSTZzZ)|Gr0 zG(EISY$VK%Sltsj(mpu%to>;~@7FuQyg&lmeacmt@^&6gFI_<4zVrwJ4>sdcY?zwn znF)}hN$soQjNg$sW1vqtM)@1oymW^Qhf*a4N>ve_2k4mIT_KYz{kwd?1kx?%A@vwa z3(XN{a=l!ITBWkvd@}uL%PjXe^Lcvm6ALYDm(p^A@5nm92*=~r)I-%H%Dm?^0j{9%e4D(;fp>MM1sx(%pTsf@AdD`?%yAX*CnFM)?`O0gI}4-C5Bwl>6x`) zr+#vCq&I9Li%IyITr90kqkkW%{FHV;_aaz$PcLbC-FpJK{sIdjupB!GF%$UOECM`xJMC{*>-Keau*4SH(aSU$rs}LUC+Y!oA@iWdT@U{zs8z7kV54I(ulsVDV+Wv} zxsavNgDl^5?%ohX0(k~^ej5F5DJmWvj9zIcRRJeT9d4K}TuR#1%JrJ0T5E!!VohR(0}mIe{j$ROva_5t?o6A7A&%4WJW0R_8%82e|s(1XL+g^OG^hS zvQU=lh!-a$Pg-i}*-w7_c(b2mxVel;u1<^8w-XTR+!p#^z|9IQCXO^5OX2!UJEL#> zXNQx4?6G8XRFv-D!=O$^7Oy=GL-n2vs9(Edsek*HrzpLLd);iDXcHf?lvR;?xoM&sv4#H9uGGtcwEmadJwOdv`r?w

3WI0KD!Jt#qz9+Uy5lLqulf#l^TAtRH`BaM=d7B)MLkzB zB$JUog+z5GtvL4(fAoD4PJVdlZGBv^ecEZ)FSA}gs<>i)afDGG1(Cd7aERu8rzpTc z)CHS!TZ@uy-=9fcYqhkMp3Z51al|KF_0LfpRyBIyt`SCVu2=)BA3Pc;tSA8=yIQu0 z^vVt!wO9N6FYp}EcEuGWHk^h)C$SsT*PS$yU`9opTpl+g>(c$AV`G|C%Tj+AorxAW zZ%`!NU!p*gs@Qe}=5unv=N2bPFf|gv9_nDTXKb zC)IKX4){N>-~?V6oI+tXr~ZH?DZr9AUnm&&zamq^zRxhZ6AUkA0DR>^}BG>#~TesX$mc8 zJpShmuf#tt1qmRqQ&l1Xjy&5aR0&mwayf~ghMf%?Id0KBbBVrgjhL3*EiTtC6ny=- zrgxm-yh_X__8Ory6OBCH{RMXJwps#o$RXx&nrF?1+;lV+c%t#p(K3cIr2MCl0b=Ra z$(}orMVrTXF2jCJurn6;*UP2%SOz;9SfuG(=(Y0N#P6eW@}KWH>gKPDp;fQ3nctWO z-{7DSl@z6Lshko_#dJz#(T~>oFSJ2BpC7rvbq4-6gL`TEj6#YT#_8^qJ<8^1Q?HN1 z#Z)xVfQyaI8bJCZR-(k+43lB^<2NTX=;s|W5PP+XK|N5JQN`tI$QenhV>Pjr)3<)> zx?uMCOT*55smcz6LCtFXVUpfhbUVzgV2rsXP?X(lt=wigL}|{Zo~rYyy`xu6yaiLF znFnih^FLE@$0mKz`Sar4n`!bkjVL^SGEOX*p?jTb;9ZIE&*Ssf@>Sg;ee^#9Z(7@i z%W9w*d7Mjqi^oGFS3a-h!=@&8yXK#Nf&KKU9+XlFH`SkVG)!lCGoBR7PRAqL1_8d% zfbe!)e{)v9{|43D8<=YG)N0amZWAl30ZDBZw%H*AJN<5Ldl^lWzWG7AX3+|pi~MGO zo;r+Qume3^qe0eUf@5_R@>f%Kqn#tr@x~2*1D6$l)%qIeT+P6C6CfD8jKP_@0jqaE zi}kNxuhzv8-%O-M#O=ZiNcNVx@@NGZ9(aVSK|(-Pzc5J|hQn+Qain)+#u9K%AnZ#J z-koRl%4=DTGw8RH-xxw3hq(SzpaQL2{&tDJL%S?Vc~qdHa0sT)G4|)=4B# zoz*nLP5;mExEf=_7oS-v{oibIgRW*{C^YKwjn&{s{*Z9~Oa3gQ>W%+n3^X*zocv(; zJ%g?6#d^_b7|&BFOu=%Bei!Ap=tMSGn;+HhLGxEeIr%@srC}diwXS+;YgMwGk-O(z zqN@Z)ievFZ&gIsEvP8NbKl^7?{pU+4|6`ADRF^D6&bS3IGSn#5S`l(x%dbEay9-Sd zQb}1aDlqR%s0gv5S;UqI`KIf4r?Hgk?ee5R_L>8BBE(yF23LjO_rv!}5V)xb6EJM&TH|pIYy9|Vyyfa`~`1=`E86YNbies8~qqy*2XmSaoyeyD|EPQh^NoDWm+Yn}} zb$R)pFk`+c|754=lZEk?-Vv#XsuZ-E-~|GWos%20gBAaS1}6m!fGLH9om2LyF5_z< zXO_pf7(UE?J6F-#FO_*P;4L%UQpjp(WKhrVcBKv`6Z_brXlNy;j3DgO8z(#eDtki= znimqYlN}?z;&Ab~?_)NHe~eSch3#fBDpOgfk1mAMVSa(9Y8{HyRqKm~fK> z{wgEB0QHY{j!(NYrR)ptzI9V)@IcgA%4U-+{eI-IcBA5A9Lc=tA87bOZW)F&bESA8 z(rE%`tG*We3(MS_;I`o=kqb=R9sT1koY&9vJbfwuX@|lNOE=2ymnyz&hz7xTUiB4s zsb)dd1*eLRrL#cY2e>V96v!t9KcW&<%(PGo#Z`~&j)CqSVd1S~XFY?*#M71c#8GBO}s#l6zGeY$NZ;X{#_A z!v~6`jRYLWL+Z@*KF6@?Q+=|gv^o8Sw-;xNspA>aL_{}_Xu2$qU7%vnf39>6L6P9Zz@6UVGV90R^ zkHh>~9r`?xRRJ90rH9@*p#~mU%fK~Kn)zpY&zm(1Z_$!r9rsvvF-}DM+L=FjU>uT} zy|l#=d|`w9u4CKlpE@(tkSft2IWw8qccM-S*HMFFXakdK1H-O@Y>0TitIM<6WYish zMx3>Mw`id2j@6A1F5OOI!D=42D}d-&my8KsoRJ>lx<29R^j``!BP}1wehk$8p7HF} zQo`6GkLGKe5M(j066dJh^hfJcmn4tn5}`{f{qABALLhQv$3OZW%|m0^!|YqXYu_@j zHu4P-?#(jA%^yRC%EOF2O0}sb(-GEgJK&<2-NYJ<0nUU zbOyxjj@{UK0qilBL=eUq0&Bf_$QJxjON>3PeX3vYG%+&7SeL_d%5Y_#5D@u42j9qx zU6Bt#9y4SDs5SqEB%~-mOt9I`LMwT&V5L29vqWcN zpJ>xV>~ol<(y3JQd%xOZDXay}gcjS#QQl+)Dn8J?Do+(P{iOz-+J&U@$TW|@A|;>$ zN&6)m8^33Qd-0)23>Isb1^6#@iN?N0X2{ceQWfCyjq$ZUW=U+kL0SBU2g%s$* zVdT`e7h!Mf23lEY6eDE@9ls*Ujuza`Jbsjtc5vyY)qTLMp+7qHAN@~leDbIqfNF|5^%_R%bA0H48-V#=(_&?`b-BfC;W8CM}< z$5Kf2_*(GvQ4|2@Y+>H%0sh|S*gq<}0;rvphrDTb@}va?GK>^X3j}&C)~y20$VEcZ z6Aw&k!>i=O56B7>cJ46LGqzY}r@k`pS{ewht~6Z=wA=okW&Ze<=p@`MPDw74@ff5qzwZhrBLQsywR53>hXCWg zB0*f{k+QThYedl|!ID7WRz!dEXs#*guP()9(V5ucD?TK;(C$|-juWBQ8L4F_qeH8S z62Aa!)otr%5RTB^_tg(li8`r1@>pkG-#$+2IbDqSy>Huy&gZ|o2u zkd8uuY$szh;~4)qri$P6dIA{LL%a|2w&RKgPcFgrwur_@5o3-rzWk<2h6irJ0^aLdXr%jqbY&w%{Wx5Yda=ddV3)ab zadZ(tvNy&f>Y!0P+*1uV+Uj=B_!dOc2^Jnz)G|gKIWk85u;|4|Eq!`=acm|Vmi~OA zQe5wA%-^}?RE$66N50YVnDeP7l=$@SnVXES$Ek!Dwmqi0))9LeS4RjC7|Vvg8HG>2 zrQ&1tq{H&)e=kEf9sH#!4z({oUaAou#jKJ;uW~+{CV&TRCzHmuJQ{vSq~wak>nIqn znG?H^nqa}a5GYE-i&)bzA^%J?jJ3@%o&~nlgRy#@sm!(3Uh~a=wJJvivmfvCf}TH8 zza`X|e=vSxq?)6N$nTErD3eYpk7YIH$~@m#M{0nZ=PjbOcdqp$ls6VNqhyo5KY4XknKV&5RfZ+sy681ONp>|k)6&wN;B3l9~ zk4u#8Fe_8ppmXW;^0O4AcgyMz@Sw#+T71`2ov@q1$CND z4!n-J&xWNN8!`-6VLg5tssO0vth=-KXYTcsFwkAH*mQ?`@K`hSPab0iG&5g{qS#yr zR*eeR;UpxlzH=??dH@8$8#wf9p1I9oqGnS8U?HFcg`39y>vrL|8cZ9DWM@tFxl4I7cfg7uE8+0!t z7ej-<88Zhs$FhZiPS`th5Sg|YLS8PHBF(}fTfUTdZDFy4Ul&V-xV||AC^NjJLKFhK z!eb{t`%t-g%14&$el3SpwF0-Z`|>OI=#mk7Rj0llIVkS|Ol3rJ2TFazB8+Lgm;ku&|sJW8D&q!I`W}Pt9Pxo&I4mo^!e0)2M$n+yIT_%Ji$f zi4QcpA-@eO8g7jAU|7ejlg#EHbDdAs{p7g|?KCkjjUFbo){rdC#B1h5A%F7+9;{84 z_K?a%o`w)J2ixu_tF`$EDl`SiYYP{OR1|?_lc~T{@H`1eyTZK^Vi5!J0*!uj(ffTtV9k} z1n;g4{EigqK~1$Nt02zVAZ%WW1>*kqPgicmCqYsVvfFa_HzNu zPrxy+&jN10$Ic`%Vi^B~PovMJOrBhLZF?RFldq|XUX8l}uxp?<5yUbo4Lnt!yVa=l zzNwDkIL>T!!au7SY?ofb4O#n@6~w!)jyIr>UHg6Do}?JUvD*^5@?J>2S{gz4?ttc4 z`}~GHR_sb=E6w$CQw*mv&Gzz22vs5{%<@de_8 zd;21LX-sB9py-gx!cYRY3Vi|Ylhdv`OG8%FZe&J34T0u5+49^Xi}ouKAzt+_qOO`)6)*ODkupK{hR#ta9ZVux<-_r)W(0KAn zZ#M!R3vOUMzAbI!({1=RZ!kNRQmd!_3h@H1(08TS0&92F45|Pk5ge^d8muxE}_%%wFQf{o|}P^`$Kz z>pPb+_@OaBJQKk0puDh#AEuUHYhZ-k=Wtwo zmw4@w9JCgE(9iwxibc=rApB7^=KbYCse@stpC1}^;;S3ROS|egF9{-x`=V}fp%SRmXtIxvN&jy@(YOUG0eRJ83`d@IgjgBS+T-cY1!7M^`OjI zOa=CK{M%m0Pi@BEJN@Sq_#S)3+}3J^C)ip_TknA~TP-hJa6Iy?)J)BoAbolc^_dLk z=7I{P#_(;QZg;=Nc2&Q-2+8q!H$GR5B~rMm_uv!4Bvv-g6#SLi<+@m;_U&)wBepX` z{?#&zKy7)Q|F5UF4vXpyx4-F@Qt57FXz3h5Iz+lbMv(3pxt5?~TO_9q#qWF(_70t@VCQDN_(-MOFf!F6gNG6< zb`xaP=zlskVZ*whnse+FDimsle!UdbEyuOerXl&8q58UXpzfnX*p)f|TP3HN4n+=! zIt^sw5(BT`E9$3u_|tJZb&dHGh8j;~rXM9;txm(kMt#(O2Au{V#mD|b$Ox0?tIYs& z1J%d;%%a|(&dm~P?q*`S&BY;PA1(CG8zd)%qEe&nT&QoTUS!UK(0h5Xsi(h09%|HJ zA=*tsl++TJnN`2@CQU+iSPQQ{#e^lp5; z&qTWbxkta?|HW#U1$iGkT!G_Bg7|4&bG?|iwbtJJ5GVAcpGxmMEV-UHc=IrYvB>Os zBl$Tou<5zMZI#a;A=R{zs{_3P#h4Iu@(zc9IadR(%AY`PUqdIQ?B86AH-B`bO0F>Z z(BKWCF|%1EXam6F-7xcskch_5_FkW%LtW@{z4)wVYw9uWc>fXRq)k-%5Wt5^e(Ve( z1#ijUHqPNZX^l3&ioDx4$Y#8nX9^fIpL1r)jXHFCJ}a>p8NzA1fcUv>I(W0SKXvZ0 z@%EhWGW=fP)ZucVr!Dr~F{_i@Kgxj6T9x|b8;gpUZ(zAdPbiXztxr>vfaot9F5d%( ze#hTej)_RXsFk4m6yzM$htTTOG9n%t3bK~N!ms`A{!VgClI^N}p0~#^8+!Tf4igm- zkRa7W;|o!% zp!d1hb9_(9Cg`xG${itjAbk?+f~8B!miZi9A?|0a29({_eReevWY^Td@B8Qw*33CE z+v_Pp^a6or%QdtRc!&NA?P*P=W)s4zvcb9ZG-nh^H|W4pWe-WZuS>XjO!;aSOwQKw zc9yP*#aQPb&8P94i$pbXfYLGHNXKcV>_ak$-Tp@oL-c!(l1fzCbsH1to(ZR*(&NSy zQ`m7a0srAB=P}8pN0mtO-_7%R5ZM6U1B|^JX5AfdOcCJ%G+>FZ(}{^4=Vubr?`B9+ zOSs?@*`JD=pLP~40CAQAw;~HoWf_B*guv*3WuJwvWB9Jj-Sot;J}l7fHX0s1GFBGQ z&+XwzAfjP%lUAng6apCD-&wC69dp* z6WZR7C>Xzz*K)DgOge1)`ah4{d65Z>%B$uoO@1Naw=yh9-r?<^y`P;~=N>iC-f9&! zh0l$1PUc?Fgk3;8ouzt@YQX03GrJVX$g~T&q~cqMpqT%5il~U>q}3xXLonj1^lBOj zTkrhHO^mTtsm<7Pw<;QisQ5Cq{)ng`pvV{^$!N~6`SXfd(7mO1y85ozz_9o74?zAI7_U0bB7$z>YowCPuTH^*Ak4?|tG2W`)F)8M(p3-%f z#9YChUrGpgN11)p+1}=I)g^VXfzbNS??>0$%XsH{p(Twj1nEFM6sT)A#HW*T9z!oN zel9*Rbr|3cv>6VEHOl2S8XoMaPM5ie#QwVX(pZcM|GB_|*kO_*e8ydz4P*m9k}T6oerAIvZ?GPP3R2K+YPxbS9MwqSj8=6Y%4}$Z*&79CIOm z16Qt+VAaeuxt; z#3^1%1Gc-FMe!`A&&1=e?JZ4q7MrLiWn!vv^shaarAY|rZJ8i-aV#RNL%Mhqk;N)j zuBsK%0<(a;WH(*6>@mZP0@%apu;u%MOqu4o zm9DssJr^sst3(~yG-0v9Gy_8#EgPK>vykGgaY@zD=FS&c_fzMWQDU@!lv=KcV~ePS zTa6m_=HOvxGW(e`@hl7`{bTfdilN*BDeaiXSMvgRNp5oed4jmkI)wI~tQo;vuKFou znB~g}XxFRsHOIAjxYisB7OH|W4Cw1WF`(yER~ka)lCW!xpk7|bv`OJ z^C>~!Sol-GOv{QWDTk6u<$HLng=?)5)FzKTX+JIg58(_oDOqCkt(jzbUIo2ibegWBj0cC9IGAKaKl*j=Q=Ct5rbj38;9U(gWYQ&ZxRIzF9 z&@^@cY0s#%pbxBW8MjQQt5)*F$ihz@SQVi%@OwWvZ1bs+-$kMJ%8?4-^{4jgrzjDI zOXltX+L(aIJ8ig5rP!Z;uK5-otS6|1%?HsM<1MYQun+*?B8|$bG=4sxHoQUpR-*A% zO{-?C8adJY2Pw>xv8m7A zsu)6SNQ?m4I}Fft>x@xc{L{fC3%3Azg2xxhke#fmoeVm*;iAcwN2WNl!HZ!*ymf=7tx2#^3ty1U#D1zdpwZ!6acUZVutf@ zHkov{GMj*nI=X*7Nl>GTznrgf<#$9)&Yiq0s;sK%G^#}TxF@~!D#gxkve6{jacL`$ z+=Ci5h>l;~-I#B=;k zo_JQmcmIR={vGFj#=wJ{{}{?3;IpHb=?G0pmkM{Mjtc1Tuv}n3TfEXGDlC%MGEr7? zwQABtcxaiNM{xsmE3;vTW8Ro5^1yxUY-D{59i!P|6R& zv0h@*A5X{t{nz_PTdLQLU8|R`_A^?3pOsgoe2VaAI*j~OM)Bzy)n`x#PLnKV1dRJA z%zGK~1%M+Rhf~EDe~A-D+z9a+YVVR9Kn_-d1k2V!Z@4BmI;W{30(>VDFk$JQbInS4gf+F&1<>zV zoL&D+Lw7yn6i)uZZ+<2)pP*ZTn`WZ521DSzdV`fkeT(YAX5S@VwBU8|2o4S9n&zFC zjoHv)tB~gNn6)f#>+_A}UtUw9zk$B2l(`u>pAS;fT~elQGNi*{i`N`qhn(abmm6UK zC9R=VFFT{+9y?u};!zaz-WJV~l(LtX9u(ZaH$D4s66=Q-mXGS9V^oaK_E zx&K=nr}TG!ve_JC)(m2do4cU#ywEo4yuv`KvVx{Pd3SuS6V_^zTa0yMBm0FUlp!iM z=v_me%|oH)cyJ5t9m;9M%Z%#nhlGM641>F8%)2l946jg}il!NBFMKI$tXT9c3KS`= zyI0hR!)CAXHXzn?y85bXbR6XyAVB#B#3MHe+|n=`1lWyDU^*)G_IU6QcOE6G|I_|I zHdP!5L4}su2-m|v8%dz&`f(2MJI9NgjOF#J|ED`Bc|G8U>sQu3S}>$lWcI4hEssK- z>DY{O|5tV(4d1;BRfhiU#*l7DuE}{3>@L80#4+G9p{eSWVDgD!10HqPz z;#&-RdD!RD=H&8mNV(mAmY=Q&%;Se05-6ZYT;<=)JLu@i|7jj1zK^W%R}(bqqO>Za z&Ih|HK6(Fpw^ah)$GA5r1wTv9oabb=o8SHk9p8(wbSBgRq^x9qig9d`X>7AN|YpyohvOIv}C^tO9V8{VPU zhiPM#R~%1L_}jw|O%dOcW)2%SIi|89n73?>HDFuZ?*3 z4r7wR)W2by1$R}zZuMa;QOP(H&BciH(0B?b4IlKx#|%<(DBN(VXCs*6iHpx0qL05|mO1xZpD81Q|hPaJR(kCk7 z@u~|m-n*Its$1$9p$xCR0U@$hJIPjZBAYp7HjGZ;@uB^$Wb{My*!$&nczix}?w+vB zc8sKI|1+4vmVi+8n4Yavh-~H!hct3nD?Q0kOEoyBp>GP$s3bNQ?c7cHqH9=7=m(Bcyt+aJm zX5$50+`k%PlQWIL?Qy^8)6ZP?Hr3c(C+4+Fjq!HuPmodn@bK+EaSqqQf#i^6_j|=D zhDiJ8y!@R3vq9C5PEDFfmZSX*U--MU)DmX_qJwn9@HH;esElUI!@<;&%{p84axc9O zr>1ZGJ;Ijt=ofjk8$v`&8GIY4m9QQ9xGB1I>XzOqiif@A4Aqyxp6I86|4?|r(4_Ah zuN_M~x?%SUmFat#ODh>Ny(sx0KqjgBdCinvczg}^5@48nkC2O zdRGwQ@P6xVws^t(&ze425@n*0eZ<&zQZ=||n-H_bo52yx!$xMIp4OSi0Pe7z&B5dy z1>U~_Iu?#ideDeQ^)94H=Aa)7W(8^V5~_V#Or}&61C>kE>WS|nBw7ZXFw+e`C)wf^ z@JnuH$09p(QzRx&3~EG*HQAVFJjDT-sOwtB+0J2mtTfjOfLkCi?yGr# zNzU7Bs3NV_Qb`G*H%3D`FDbJ!1drMwxJLO7AXB+__O(>mNXw|}OrD7m*v_KRU=+cw z`eW9tPI8V8X}qt!zzP@m!yZvLa1L4zOH)Z+)C&IMHR)YLtO06fROoNT6n*vEfu5y; zyhrqa+6keUU1DFGEPD5*q6Ok1vsoj1oB7Mv`!@w|g+j*P zE@fr0-SVxcDJ}lO{t9bF4;r2ciP*>Tj+i}O9HB%qbMHq7?8)L7{|rfquzxShV0v7J z9TXbu9ygZ92X0iiLdJw2|G|8YbGJV}sT%kT2=fhWLL2I9`(Sr+r$eCd+x~aaQLS1c z-R(o>l90ody^M;W%!`KOxt1%hDee4sb^Rx^*}JA=;(2U?Ht$qot#>b_?+=2w03@1) zB1y4o16p_(Tio~svstsA`F^%kB;tonyFX20q>bx)2c7+uUL;al%bM@d&)V4i{q-de z^K}kPyT3|~l^a+q{j7oTA?^*lA*-F^B~uBxcAxQk?Avl#kGBq1olM;A38zQ4^pj(A z>n+IdeA-4_@ef1s^UUfb7PAQ#?32NWdBJybs4D7eM8RKAjhyrea-zNW3%{18DGBUZ zIM8$N=W$E{aoYMVRZ*1wC9SA-V}zfIXjY*;+y7C|bedZGv&t9$UozGWIoz{;`@wL6 zbDC$c@~`63W6{bXi9qwd9<&(>Z++i$1~B;^u|l>jr@d!&L?9U0EN#vN%-EZx6^>DY z*a2`xeXX1?nxuwI(68V~Kd>8ng*C&%4c;(rw;u{;`po0BH!_SztMg4XcJ#k>I3;a@ z;h**|yOX;%GB>eu-hQT49g`S*}gk>ZeJ!vQQ zH?k%4uOG!i4UqV_1TpL;uY)yP|)M z=I0`pr$L2%9%p{pzT)cP78f9EhOXXu?1Nuq3+0SMsGzh_+EDBwmM}0UPd&~b(e zzr?I-)(p9DqeMBMeO5%-%F@c2joWX&U_-a^gN1z`@|0bOBF|+p%dBK1DHApK2>Z6( zx%T8=Nf$?Ow)xC@p2;&#CJ78VFqlPk*jj1$iwb`*&LML&!)P>ApzkDj9?60)il4 z(t2FvX3spP@e}W@2SQrASY+(JM&MRS#&OB&;}#q|-7%(6&pO#_&FLsj(|=A-T(Dac z%)lK^n60`C<7$`BWQ*1x!4zo8H>b(d1iwGF8I17m-|)O+m0=iaB#oSTwmFI(=1sl& zg4X`@FJ%QL=}X+-fm|CK)o9>;>hYwqaLLtkvT@CgCP(QCgM&m&dK}xFhGON#Jo=b? z20y49IOVA9%I@mM4P{Na1ern?UrY;XmyRY%-lNRNT=?&C3G$H~A5OO=tebsCh0-$7 z&81%5lGaP%#B?JfrNtKf`n<_#a}k}!`^a^a>+`E9?b@av_bG|$qMh)RcfO#9 zm$MVJgRXmBxtD+UzA)XQNIkvNzVXCdpI1w!Y#~&<&N)(jwf)ZGoaw>$rb68da}mT7 z_Q~~Te8M`GX0%&tVcZK-{=YYW#x>K8HNTB{B)AoO@abqp3s=KBaK|9oi}+|kA9*IS zFHDC?!@FRoV@S9833={Ru3t@MubFK0JR(wvSvxh}o8Xqf%Ic0_b4+sUqCh1VWK0U` z?*XiYvj4+SslXX@pa;m9I51j$sp9{`WW!0sBAqRYyYEH4&#D3w+5RPxMxAB@CK9M6 zl8~>(`7BFvo1sPJ6^|=%{#7WggsyznE@`gJY?4{^2Sa19jN=?O7~>egiCb=H)i?E? zNSXFR&xk>BkoAvlJ<=jkBP1inVL@^HpJc!lzj^(xzz&42?NaLU<1dD{W58Q>B3WG> zExydtpB_-=^j5#{BO{2Uc56@*{KJeP!}o8=cd9(Jii63nUSurYVDqGBsnI7 zHm~h1%sOw%+hS(LSnXK4JXyK1jFi*!)xt(0ViU$FYK(?X#fgxVJx@4}4-#Kn4Y%?)fFj zJIYX~|DI`DWZ|UsPN&*M zy?k48L&v6|9;K_nNB!shh9n;^cICx6X(xKMsCxJN^#v{xjm;FXm!Nfz9>USISVsEo z3;4a4guG>;en!#lboiDgPa*obN@5oirT_>Vq;%_XDlcbLerQzd;YY>HYhQWo?ypK{ zD#ZfgOC(N-;Ln%$ID9bc2*%Im@}8SJ-l zix{l_(i#}^6%I&uGZShfwkFXmPu(g0V0(|*UrEvBG4&{U%^o6W4_=GRb!z&n@ox!v z-=W8TOKTY-{NRtpHY_}EA-|OL;^xDSCy`{7fYn))u|I@^7Zs?%q84Tjww#tbNFC@n zuuhw1)$nXe7{;Ww$4&>DIBAb@PgYYeM0YxNhwrQ zdJCZ0>rZXvfL~b>RPK0o)*gI6!TgtVKVy;^MKnVef(Ob=9mizMRgjdnkfYn}cxVj# zS{sn()I8>jqeS9P)C1N!jl+lo1?`q0v_(-Qw@yk+-z<;>dp$34TZy-Vd_Fl7efxyy zcwkcjeauiek6h0rrRFYzgjIH~-^5x{`wf0^Uv;Y(_$=c%OUTmp2{gRzByi{@*0=J(szL8WO>Zv5|Ib=|!ulaqH^^tfjGc;g#CtRM^ z6KvZ|_u7ek{ry`38Pon4Qmw7LfOo`*jUj#vhI|d5CTqtJstbp9_{R@^DW8u9C1(V%CW{c(DLur)<40aJni3i`SRXf2!JlLn z?B6kL=bxQ9-QTY<0&-P*DtTt(`mL#7%XY73NEY%F*b6QQRr9j0V_w=Y6jy2lu`oVU z7fVGql+E;C7p{EJi>s-ydL-(3O%*+!LKz$gq)4Jb_|y z|4-jL{BAP^-eZojDDc9o;mT6gCk$FHr%xyb6$vRr1%O2Uh%;Y*Ph)iwI3f+{pw(K@)EHA`BiM#aE-{$aU_KX@Mjiit-pQH^+1DZW z^BH2f6J5!*ksk>O1qf|v7OW%O56hnCyXc$~x%&>05^dm7_KlCqY?fa8NN!8)9*0h8 zRxyJe8zHX|>w7^e!7gjBWxA7;KT&y}FwLk0|FO?W88J?~stbz{SD4yrn;PBQS>p?J zrXgrf27$-h2m$J%BSB58#7T#8SS9h2=bmi7CVC7mwCJH}-+ew+X`M*^WpI#xH?Hs? zjTnwic#?;0s*ku4!If$_0$d^GZ!WIfl-FkV+OVr+julYSP&CMTB+nevSW=Ctj(OhN z*G=<(WTVG2l)Qq%CIIF?sn(BKWrEg#;r|yXaYFsq?Dz63{B&n{vHh_YEEwvf32}1v z6F~o8VWkTtCn-bwX3o5UOq#-|zzP#Q;r|&{@WdW#V)aqEP+O5SC-6=js^t+@yk2(j zzhY2hPyEvx)mZ@LsgyCadlY3i2v34!!y>Rr3vXJA|r1Iw3iD7@OfuR|Q)W{R)!!7`$d6 zD|X80_HdnQDoG;QNZC{Ipm5spHslT2!?iuvHJMj~O4|KbF1YOxm$m&U98ZkZ_@r+x zBFyB14gJM`EH5FK9^)miyWqaYD?9HhD`Y_Z{)y&0=Y+y(nXlSIkyj-jTX8FJkJZu; zbn%-8u3GXaM4{zRsj8+rIFjHPD)wQE8=P)8>0Xoj>2_QdhS(R7RG+<%Jm|t!+Al#h zLY~VZ`I7UD5Ezhvm1WmFgsxa_asg#X`oKQ$Y?RMf>`j#Mdv64B(?9+sm*Fb4#MHUM z9ZVwLr)$G4%4y}bE<~CzP7THgRwMm3wjxc-@mH_xkdS?CHh^>~?SSPia>YOJ`4yZ0 zV?^aVrauG(7U~Wen8S8Cm*#RSOI*ZK`8OXO2iiC*JD1ePq=(%MGBU-rt(SFJ2Ik6jTHPKTrm`ysr~gophY1?{qr=;$L7$zZ zF5;x;yv~qia#|^vdD@=WW+|^MjXCuc_X6t4_NyG5ZV&jr8YSyP<1g188#Q4OD8#Po zssUpIKIBlCX+yf(CBD*kRr-_gHd6!$@j5tg!BQ zg%+{p8cce17V{#XJ%Es{W#f?l9H+sx)$(cppPcK`{w!?x{k$v=m)gp`9h=m&+F_0* zpIh<{Fw8Uv!Qr9=^R5tRhKqLvGz-&-^}9uH(JWWA3oti6l@{-;Q|k6oz(u9F+LcZV z3BEE1uCmC!Lk-x=TZi#AoiMk3F^h+u=>^>~gCJu!3#{D7GO_tH( zmd^@i3n1yKkac;EdZN4_cA0=QCz)Bbv3A@S6%`xp5iVn1 zZ*uW{T1!1Isc4GRLmhwRyDOY5O)`Io0G(wO-V5G>{@TMO)@!BbAKkDfnj@dJg>k7MC%BE-)v`~`bV=5Zj>;fa7xFRNgf+az#V~tT zIN*0c*yHqQ@3qHkwgXQ1?3v2H<(U6l$=y#^97jpQhEFLU@A(h%zeqd5R?av4nF=bc z&!|#8ghBgh7wcY*z~+ubPv4 zlD^Cn49(%GG6KKj=m$O)waaq$_2=}p9rcU13S}$Z_a!=Zs#X_|_$m8z z41JxQEdQQ|X?lBM8QB=}E9Yc@SZqE!AvFGBeHcIq0o^l&E5oj35&IjWWSCHA5oGAd z-?In?(I)h@(%?4J#KYjm<-lKRs%YZ}D1g*yvR1!AV-a@v|fXo10B z)Mbepj?W`5lLLO^B?A%A20!LLA?0dU_)?R1uFpcJ$y97;x=)P)a|UMZ&IB{?k(<_e z5=orePTSm*(q5@0dKW1lgZnA>3csNEa+o_FVU~$liP4~-Iv~t@tt%E4oa*^+yHzAo zsh?;F_{f|1BG*UWfZCzJCw+iWSMPg zn{jq5Iby)3=Prmyad4wvYFz3Ez2oTb+@i^wY>%_K5Y?+HpCOXDN2q}?@el|Cz)z?5 z7^@_NQF~}D`7mUoc}Vg?j95@Dqn+T}hAiy!uM(_p`?Hgms%2xUI!fm(s#!=PMoNQx zfqck+jKAUzCL=mjdz#WgYilb-w-4$b>pLOpQ((%E%Z~?4W4WN$a8d)8BYVnC(shn~ zbajfzjG#^X+pCkO)CJuTNKg7>T04(?DQy*;l+-m>Uv8MZu;Jln6dLd3-F+d6N*!{2 z_}n&kW0CabG`V>p^a3P@r-_wor$6c1Z!&Z6vK!eG|8@|WFY=Fzny~5j zpQJUl@C^ZW^+w&Lwg$K4HgEk23x$p|qKO+n1u$?lpFDU|W6SKd95x0L{@5aW6!sgr z4~>UyO^eve9OR9x1n6jMKXyDlw?93SH4Z-I1f!pqr8{iFNFf3o0!19N& zu`^?s+}Z5l0N4n1g-cQ)6hJLB33wP#oJ!;=|_3kJ)wD`8oyC3 zs$Z;&+GmNFntI(9NiZ}{3y!lO8zq2`t60u>Tr$6cKTBi#|58ic7|N( z2%Dq1EM5>dr8=AX8#5TAfs8G{X(doWba+CYDpcT;7&ck)UcHiROoFp4SQGY!lEYPo zzX^q(zRWi0B0%c!&eu^znvO|x+05nYoAZb}#W_iWUs3=Ts4*q9X)O{3z*b!p-Fb30 zJBiI$GavS4PZwX%_tHi*Qiq6orLncrNX}CF@0E;Vu zzw1AH5bi;+!p7>=?0<9gPal$&r|6Vv+Yh{oO(<3)RQKB4pMo)*Icg$!)gi$%RlfFi z{zZG_^F+fDQxcEKvAQkAOmipJZ>RQef1dcqGpddm!9aH5TvDCy1BqN(_#fD1)vXE7sQ zmiSbuj$TrUOsq3QgN_Q`eLX~1<=79@OAE&n4v%$=;8OljY8iBgJ@0m>%|12Wjxpip zJZq6mPqdyxasZw#F7qHwbB~~=EF7CAgpt^%-fg!+IePTon&ftx*h-!mw~MpPJ3RN{ zW)_m!AIy@G+eaJz6{G;Mn&!ook!Sw^363LGP;X+^RP@@H&J`VW54tTZIk8@kdpGarBIl6A2Xf8z=|}a{y1=^ zs3$!*`MS9hD))$Fb?{^9@s3B${w zb;f-5*3P?xII9ylgzUnJRLY3C#Y%`rL4!I9i@voqR(82HBZZ3lDh{6RMxJ!Ba0__F zflg{Hazrc{nU;1??~!l?vEj_!EVGaRY~4PR=Bm_~eSQd$%upKn|$1^@M?1dbWCFi)?ug+F+;YMzFw7e<> zmLtkhkP2e0fS*hKSCX|oYq)FFM0^F^QZNpw6%jV;{JN=6yCxbR8>G}}<-9%HuYCoV6o<%GZqjf?zTZnf?iB(%Ie} znW@)c@!?NaJHE=Qv&02QaM7vyewoFTy^H1DuwdxNm>uCNFJVhO0lq0QXKmjd;R~x4 zUAZj(-dZZk-qKr|r4NB(GWm?_s96=7eh38|8jQ!0qrUXg-!~TAw9nxFxo%6G{~Z`2 zBS5+r>=-X0ihdpFSP$ss*^A8cF9+md(GZn4B(G30`8-*dL{PHztozD-;`3?x-Kif) zL1yD)^U#1yP*60;G9e9Q4fkgYVC?*_7-2&FrTS`G1Wu$biVld5nfP~2OP=Q$f~D?* z;*~cj!VoQ1SMZL_d?nniwX~S6H3Jd>qsQ$S&=FkD)%hg6SlvrTgdH#+V`bc2H;#;s z$ zR^*$mv+womt*iYar@B$x6gYo9yiV?k^+4-^??C%;4gKae@kxcRGO-^5%5`oulIvRV z-ljATxO|+>eOFB<_jKmUEgCqisgl;&<_yP?hoQ62tDqW5^Ic4{?Ty{Ak8G%SG0M_7 zaKwsMxH?=advM|yh}Sx0UDS@{&SUq&%Hc+_pbwfqK+|i!)2B#8hUG9`qe`JvcArajvp&o^e~;;Mg%VC;{wk=f zpvYX3wV)j}qhcR&zZLH$w1njqhZEMunHZGl@_~do2>>GXh~}UQJ9i>a&aw1L>c4 zHU1)`fY&Xku{o%DLH~E93v%o@F-fJ~*^9sZ`jZ`>Z)S?MYhbQiYt7>=@XRr5dIeS$OQkcNR)+Ty?UAG*a-LR=+a>b<{;M<-$0?5 zm=l05M9jv>W~)jpEBM{Y&WgiuW3p2x5GJk0e6GBdk7dmnJh#d*j*PvXwe4UU|Hk5A z{@)T9bY;j`o&CTbrVlc*Lk8yXJZd;w!9_9PX$iqiomKqpRQCB%3pgsh_?pwio?@ga zQP?8a*R(7{8y(n+r7;0yR5LQtp+9{&fA2Cx=+^gjl7}Ae4s_XFY8%1OO<+}uFi=Gm z;ltf}8NZ}p&cTRM(J1WQK>PRm0PMP^iQ}UWIO{Fw!M-$gE<|!+ZVfnTPg-a~2s~z( zEa^{h6}mt5^XclfZ9A)O1h1a2Y=Ki?0>)ySiG~1@u~Vzy)v*m)$PBgUh|C>xm5Ks- z6Q&>W@St|%jW_TGw625i=L{ni+8cU278<p*6a^VhU(N%AovqRhq*S*6M>gFv78VxPOw5I;9Zge+@hc%&rvFD~4N%;Gprdi{1j8R zk@|GravWVs1B(tkgCjAqU-|NRs6aT{?`bUX-%}~lpVnQLnC?zDvHMuvD>x6a2XkeF zrF}&0r8?Gwe{s9L6}Y(XUnxi3>Ei$mFi_(dE#H#TtyY1|U9m#2Nlozrw|H+{F)Sq@ z-!LCxZai@Tw879#)Bw(B-8K0xtu$DwFA6DJl_JQQL~#SPUf||Ol5-)lPATIEEGPJY zH|C`94izr>_byyc1(4_2W>zhfY;KmFXyZ7yK!3EVuKRH}?1$X27Z+;|kU4w^4_+!B z>+fw0k8T;t^>rF7m6<1dWm0=w(h|))Hgz*h#xMXdFA4IpFe4t#-4*l^MLyi92WnD1Zd3$s^*MKSDVTOZ_wvUkt6>C@M1-9eJ>f z^?(@}hMKC7uc-A#q*J)U2|LHR>|$H~h6(ZDjK%vdlC@L{{dy57f?Fz?YaKO79*-fF zHC6G2P(xfyPE5}y%)JT=mO%UxI2d^$E7|$w*$=v$m#vBDL(zFe=;s`21EfXrBRKiv z?9b%;y8=owG5dhi6ZupX?;}5BHA}sl#(qo6U(BTu`Yi&jsU;s0AFjnD4bU;{e0A0J z>S{|_yzQJiRKGM-geGik9Wx9Ey=*!i*WClNHRhuO`gju_Vh2mM56RgW9Db9FfjT22 z8(9JRM&(R~mZF>spZR&LDvcLS2H(_@S=#=n!>nLgvFjCKtz@iyVTnV#EgM9b2L^TC zU3M)@^OS2_nz&ie(6+|B+*g0*D?3HL6?B?mc%QLI1yyWflW&c&d+dojs6IjG4!b7X zX?jn-Ow!uFawy@+X8av+ey0p(2fx^?shnRr!+FSxT@N9Q{q76Gy1)Z^9s6Q*)ylQL zMSRE-b5gv1NK6{V23|}1G8muGEf0n}euXTC{n?R<9BD$caDDmJHwFTycm3;jLCC_| z{dcwPVjh3P?x6r-*C}IF2@JG?=t7_Gc^cg?#Wc5t-K(fjx@(Tze>$^gWAj}usXL9v zgii(kzzfpKiFWySmCNFd1zmJo=2T5HY0ti+SDD?p4`IyumSBr_rjMGFjHdclOR@5e HRrvo0@@F;a literal 0 HcmV?d00001 diff --git a/windows/deployment/update/wufb-compliancedeadlines.md b/windows/deployment/update/wufb-compliancedeadlines.md index bb088093c1..6524be0563 100644 --- a/windows/deployment/update/wufb-compliancedeadlines.md +++ b/windows/deployment/update/wufb-compliancedeadlines.md @@ -1,100 +1,173 @@ ---- -title: Enforce compliance deadlines with policies in Windows Update for Business (Windows 10) -description: Learn how to enforce compliance deadlines using Windows Update for Business. -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.localizationpriority: medium -ms.audience: itpro author: greg-lindsay -ms.date: 06/20/2018 -ms.reviewer: -manager: laurawi -ms.topic: article ---- -# Enforcing compliance deadlines for updates - ->Applies to: Windows 10 - -Deploying feature or quality updates for many organizations is only part of the equation for managing their device ecosystem. The ability to enforce patch compliance is the next important part. Windows Update for Business provides controls to manage deadlines for when devices should migrate to newer revisions. We offer two compliance flows that you can choose from: - -- [Deadline only](#deadline-only) -- [Deadline with user engagement](#deadline-with-user-engagement) - -## Deadline Only - -This flow only enforces the deadline where the device will attempt to silently restart outside of active hours before the deadline is reached. Once the deadline is reached the user is prompted with either a confirmation button or a restart now option. - -### End User Experience - -Once the device is in the pending restart state, it will attempt to restart the device during non-active hours. This is known as the auto-restart period, and by default it does not require user interaction to reboot the device. - ->[!NOTE] ->Deadlines are enforced from pending restart state (for example, when the device has completed the installation and download from Windows Update). - -### Policy overview - -|Policy|Description | -|-|-| -|Specify deadline before auto-restart for update installation|Governs the update experience once the device has entered pending reboot state. It specifies a deadline, in days, to enforce compliance (such as imminent install).| -|Configure Auto-restart warning notification schedule for updates|Configures the reminder notification and the warning notification for a scheduled install. The user can dismiss a reminder, but not the warning.| - -### Suggested Configuration - -|Policy|Location|3 Day Compliance|5 Day Compliance|7 Day Compliance | -|-|-|-|-|-| -|Specify deadline before auto-restart for update installation| GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify deadline before auto-restart for update installation |State: Enabled
**Specify the number of days before pending restart will automatically be executed outside of active hours**: 2|State: Enabled
**Specify the number of days before pending restart will automatically be executed outside of active hours**: 3|State: Enabled
**Specify the number of days before pending restart will automatically be executed outside of active hours**: 4 - -### Controlling notification experience for deadline - -|Policy| Location|Suggested Configuration | -|-|-|-| -|Configure Auto-restart warning notification schedule for updates|GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Configure auto-restart warning notifications schedule for updates |State: Enabled
**Reminder** (hours): 2
**Warning** (minutes): 60 | - -### Notification experience for deadline - -Notification users get for a quality update deadline: -![The notification users get for an impending quality update deadline](images/wufb-quality-notification.png) - -Notification users get for a feature update deadline: -![The notification users get for an impending feature update deadline](images/wufb-feature-notification.png) - -## Deadline with user engagement - -This flow provides the end user with prompts to select a time to restart the device before the deadline is reached. If the device is unable to restart at the time specified by the user or the time selected is outside the deadline, the device will restart the next time it is active. - -### End user experience - -Before the deadline the device will be in two states: auto-restart period and engaged-restart period. During the auto-restart period the device will silently try to restart outside of active hours. If the device can't find an idle moment to restart, then the device will go into engaged-restart. The end user, at this point, can select a time that they would like the device to try to restart. Both phases happen before the deadline; once that deadline has passed then the device will restart at the next available time. - -### Policy overview - -|Policy| Description | -|-|-| -|Specify engaged restart transition and notification schedule for updates|Governs how the user will be impacted by the pending reboot. Transition days, first starts out in Auto-Restart where the device will find an idle moment to reboot the device. After 2 days engaged restart will commence and the user will be able to choose a time| -|Configure Auto-restart required notification for updates|Governs the notifications during the Auto-Restart period. During Active hours, the user will be notified that the device is trying to reboot. They will have the option to confirm or dismiss the notification| - -### Suggested configuration - -|Policy| Location| 3 Day Compliance| 5 Day Compliance| 7 Day Compliance | -|-|-|-|-|-| -|Specify engaged restart transition and notification schedule for updates|GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify Engaged restart transition and notification schedule for updates|State: Enabled
**Transition** (Days): 2
**Snooze** (Days): 2
**Deadline** (Days): 3|State: Enabled
**Transition** (Days): 2
**Snooze** (Days): 2
**Deadline** (Days): 4|State: Enabled
**Transition** (Days): 2
**Snooze** (Days): 2
**Deadline** (Days): 5| - -### Controlling notification experience for engaged deadline - -|Policy| Location |Suggested Configuration -|-|-|-| -|Configure Auto-restart required notification for updates |GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Configure Auto-restart required notification for updates|State: Enabled
**Method**: 2- User| - -### Notification experience for engaged deadlines -Notification users get for quality update engaged deadline: -![The notification users get for an impending engaged quality update deadline](images/wufb-quality-engaged-notification.png) - -Notification users get for a quality update deadline: -![The notification users get for an impending quality update deadline](images/wufb-quality-notification.png) - -Notification users get for a feature update engaged deadline: -![The notification users get for an impending feature update engaged deadline](images/wufb-feature-update-engaged-notification.png) - -Notification users get for a feature update deadline: -![The notification users get for an impending feature update deadline](images/wufb-feature-update-deadline-notification.png) +--- +title: Enforce compliance deadlines with policies in Windows Update for Business (Windows 10) +description: Learn how to enforce compliance deadlines using Windows Update for Business. +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +author: jaimeo +ms.localizationpriority: medium +ms.author: jaimeo +ms.reviewer: +manager: laurawi +ms.topic: article +--- +# Enforcing compliance deadlines for updates + +>Applies to: Windows 10 + +Deploying feature or quality updates for many organizations is only part of the equation for managing their device ecosystem. The ability to enforce update compliance is the next important part. Windows Update for Business provides controls to manage deadlines for when devices should migrate to newer versions. + +The compliance options have changed with the release of Windows 10, version 1903: + +- [Starting with Windows 10, version 1903](#starting-with-windows-10-version-1903) +- [Prior to Windows 10, version 1903](#prior-to-windows-10-version-1903) + + +## Starting with Windows 10, version 1903 + +With a current version of Windows 10, it's best to use the new policy introduced in Windows 10, version 1903: **Specify deadlines for automatic updates and restarts**. In MDM, this policy is available as four separate settings: + +- Update/ConfigureDeadlineForFeatureUpdates +- Update/ConfigureDeadlineForQualityUpdates +- Update/ConfigureDeadlineGracePeriod +- Update/ConfigureDeadlineNoAutoReboot + +This policy starts the countdown for the update installation deadline from when the update is published, instead of starting with the "restart pending" state as the older policies did. + +The policy also includes a configurable grace period to allow, for example, users who have been away to have extra time before being forced to restart their devices. + +Further, the policy includes the option to opt out of automatic restarts until the deadline is reached by presenting the "engaged restart experience" until the deadline has actually expired. At this point the device will automatically schedule a restart regardless of active hours. + + + +### Policy setting overview + +|Policy|Description | +|-|-| +| (starting in Windows 10, version 1903) Specify deadlines for automatic updates and restarts | Similar to the older "Specify deadline before auto-restart for update installation," but starts the deadline countdown from when the update was published. Also introduces a configurable grace period and the option to opt out of automatic restarts until the deadline is reached. | + + + +### Suggested configurations + +|Policy|Location|Quality update deadline in days|Feature update deadline in days|Grace period in days| +|-|-|-|-|-| +|(starting in Windows 10, version 1903) Specify deadlines for automatic updates and restarts | GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify deadlines for automatic updates and restarts | 7 | 7 | 2 | + +When **Specify deadlines for automatic updates and restarts** is set (starting in Windows 10, version 1903): + +**While restart is pending, before the deadline occurs:** +- For the first few days, the user receives a toast notification +- After this period, the user receives this dialog: + +![The notification users get for an impending restart prior to deadline](images/wufb-update-deadline-warning.png) +- If the user scheduled a restart, or if an auto restart is scheduled, 15 minutes before the scheduled time the user is receives this notification that the restart is about to occur: + +![The notification users get for an impending restart 15 minutes prior to restart](images/wufb-restart-imminent-warning.png) + +**If the restart is still pending after the deadline passes:** +- Within 12 hours before the deadline passes, the user receives this notification that the deadline is approaching: + +![The notification users get for an approaching restart deadline](images/wufb-pastdeadline-restart-warning.png) +- Once the deadline has passed, the user is forced to restart to keep their devices in compliance and receives this notification: + +![The notification users get for an imminent restart after the deadline](images/wufb-pastdeadline-restartnow.png) + + + + +## Prior to Windows 10, version 1903 + + +Two compliance flows are available: + +- [Deadline only](#deadline-only) +- [Deadline with user engagement](#deadline-with-user-engagement) + +### Deadline only + +This flow only enforces the deadline where the device will attempt to silently restart outside of active hours before the deadline is reached. Once the deadline is reached the user is prompted with either a confirmation button or a restart now option. + +#### End-user experience + +Once the device is in the pending restart state, it will attempt to restart the device during non-active hours. This is known as the auto-restart period, and by default it does not require user interaction to restart the device. + +>[!NOTE] +>Deadlines are enforced from pending restart state (for example, when the device has completed the installation and download from Windows Update). + +#### Policy overview + +|Policy|Description | +|-|-| +|Specify deadline before auto-restart for update installation|Governs the update experience once the device has entered pending restart state. It specifies a deadline, in days, to enforce compliance (such as imminent installation).| +|Configure Auto-restart warning notification schedule for updates|Configures the reminder notification and the warning notification for a scheduled installation. The user can dismiss a reminder, but not the warning.| + + + + +#### Suggested configuration {OK} + +|Policy|Location|3-day compliance|5-day compliance|7-day compliance| +|-|-|-|-|-| +|Specify deadline before auto-restart for update installation| GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify deadline before auto-restart for update installation |State: Enabled
**Specify the number of days before pending restart will automatically be executed outside of active hours:** 2| State: Enabled
**Specify the number of days before pending restart will automatically be executed outside of active hours:** 3 | State: Enabled
**Specify the number of days before pending restart will automatically be executed outside of active hours:** 4| + +#### Controlling notification experience for deadline {OK} + +|Policy| Location|Suggested Configuration | +|-|-|-| +|Configure Auto-restart warning notification schedule for updates|GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Configure auto-restart warning notifications schedule for updates |State: Enabled
**Reminder** (hours): 2
**Warning** (minutes): 60 | + +#### Notification experience for deadline + +Notification users get for a quality update deadline: +![The notification users get for an impending quality update deadline](images/wufb-quality-notification.png) + +Notification users get for a feature update deadline: +![The notification users get for an impending feature update deadline](images/wufb-feature-notification.png) + +### Deadline with user engagement + +This flow provides the end user with prompts to select a time to restart the device before the deadline is reached. If the device is unable to restart at the time specified by the user or the time selected is outside the deadline, the device will restart the next time it is active. + +#### End-user experience + +Before the deadline the device will be in two states: auto-restart period and engaged-restart period. During the auto-restart period the device will silently try to restart outside of active hours. If the device can't find an idle moment to restart, then the device will go into engaged-restart. The end user, at this point, can select a time that they would like the device to try to restart. Both phases happen before the deadline; once that deadline has passed then the device will restart at the next available time. + +#### Policy overview + +|Policy| Description | +|-|-| +|Specify engaged restart transition and notification schedule for updates|Governs how the user will be impacted by the pending restart. Transition days, first starts out in Auto-Restart where the device will find an idle moment to restart the device. After 2 days engaged restart will commence and the user will be able to choose a time| +|Configure Auto-restart required notification for updates|Governs the notifications during the Auto-Restart period. During Active hours, the user will be notified that the device is trying to restart. They will have the option to confirm or dismiss the notification| + +#### Suggested configuration + +|Policy| Location| 3-day compliance| 5-day compliance| 7-day compliance | +|-|-|-|-|-| +|Specify engaged restart transition and notification schedule for updates|GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Specify Engaged restart transition and notification schedule for updates|State: Enabled
**Transition** (Days): 2
**Snooze** (Days): 2
**Deadline** (Days): 3|State: Enabled
**Transition** (Days): 2
**Snooze** (Days): 2
**Deadline** (Days): 4|State: Enabled
**Transition** (Days): 2
**Snooze** (Days): 2
**Deadline** (Days): 5| + +#### Controlling notification experience for engaged deadline + +|Policy| Location |Suggested Configuration +|-|-|-| +|Configure Auto-restart required notification for updates |GPO: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Configure Auto-restart required notification for updates|State: Enabled
**Method**: 2- User| + +#### Notification experience for engaged deadlines + +Notification users get for quality update engaged deadline: + +![The notification users get for an impending engaged quality update deadline](images/wufb-quality-engaged-notification.png) + +Notification users get for a quality update deadline: + +![The notification users get for an impending quality update deadline](images/wufb-quality-notification.png) + +Notification users get for a feature update engaged deadline: + +![The notification users get for an impending feature update engaged deadline](images/wufb-feature-update-engaged-notification.png) + +Notification users get for a feature update deadline: + +![The notification users get for an impending feature update deadline](images/wufb-feature-update-deadline-notification.png) + + diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 1d23df7da7..9b7700d02e 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,6 +65,7 @@ sections: - type: markdown text: "

This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ @@ -77,7 +78,6 @@ sections: - @@ -130,10 +130,10 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
August 20, 2019
10:50 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Investigating
August 17, 2019
01:49 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 16, 2019
04:28 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 13, 2019
06:59 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 16, 2019
09:04 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 12, 2019
04:42 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Mitigated
July 10, 2019
07:09 PM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
June 10, 2019
06:06 PM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:48 PM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
+ - From 320d5ce5223585edebe669ab0bba0dd596a8d38a Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Fri, 23 Aug 2019 17:39:05 -0700 Subject: [PATCH 015/113] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190823163336 (#980) (#981) --- .../resolved-issues-windows-10-1507.yml | 2 -- .../status-windows-10-1607-and-windows-server-2016.yml | 2 -- windows/release-information/status-windows-10-1703.yml | 6 ++++++ .../status-windows-10-1809-and-windows-server-2019.yml | 2 +- windows/release-information/status-windows-10-1903.yml | 4 ++-- ...status-windows-7-and-windows-server-2008-r2-sp1.yml | 4 ++-- windows/release-information/windows-message-center.yml | 10 ++++++---- 7 files changed, 17 insertions(+), 13 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml index efd586d8b9..6eb7bd7645 100644 --- a/windows/release-information/resolved-issues-windows-10-1507.yml +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -39,7 +39,6 @@ sections: - @@ -97,7 +96,6 @@ sections:
DetailsOriginating updateStatusHistory
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and estimates a solution will be available in late August.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
Last updated:
August 20, 2019
10:50 AM PT

Opened:
May 24, 2019
04:20 PM PT
Intermittent loss of Wi-Fi connectivity
Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).
 
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
Last updated:
August 01, 2019
08:44 PM PT

Opened:
May 21, 2019
07:13 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
  • Connecting to (or disconnecting from) an external monitor, dock, or projector
  • Rotating the screen
  • Updating display drivers or making other display mode changes
  • Closing full screen applications
  • Applying custom color profiles
  • Running applications that rely on custom gamma ramps
Affected platforms:
  • Client: Windows 10, version 1903
Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
August 01, 2019
06:27 PM PT

Opened:
May 21, 2019
07:28 AM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		Resolved:
July 26, 2019
02:00 PM PT

Opened:
May 21, 2019
07:56 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
Last updated:
June 10, 2019
06:06 PM PT

Opened:
May 24, 2019
04:20 PM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

  • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
  • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:48 PM PT

Opened:
May 21, 2019
07:29 AM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
  
To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809
Workaround:
On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

Note We recommend you do not attempt to update your devices until newer device drivers are installed.

Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:22 AM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

\"Close other apps, error code: 0XA00F4243.”


To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To temporarily resolve this issue, perform one of the following:

  • Unplug your camera and plug it back in.

or

  • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

or

  • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
Note This workaround will only resolve the issue until your next system restart.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:20 AM PT
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4493475		April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		February 21, 2019
02:00 PM PT
First character of Japanese era name not recognized
The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 10240.18158

March 12, 2019
KB4489872		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

See details >		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		March 12, 2019
10:00 AM PT
-
DetailsOriginating updateStatusHistory
Embedded objects may display incorrectly
Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
 
For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
 
Affected platforms:  
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2 
Resolution: This issue is resolved in KB4493475

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4493475		Resolved:
April 09, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
After installing KB4487018, users may receive “Error 1309” while installing or uninstalling certain types of MSI and MSP files.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Internet Explorer may fail to load images
After installing KB4487018, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
Resolution: This issue is resolved in KB4491101.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4491101		Resolved:
February 21, 2019
02:00 PM PT

Opened:
February 12, 2019
10:00 AM PT
First character of Japanese era name not recognized
After installing KB4487018, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
Applications using Microsoft Jet database and Access 95 file format stop working
Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue is resolved in KB4489872.

Back to top		OS Build 10240.18132

February 12, 2019
KB4487018		Resolved
KB4489872		Resolved:
March 12, 2019
10:00 AM PT

Opened:
February 12, 2019
10:00 AM PT
diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index cca3c91d12..fb76299a24 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -66,7 +66,6 @@ sections:
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >OS Build 14393.3085

July 09, 2019
KB4507460Resolved
KB4512517August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 14393.3025

June 11, 2019
KB4503267Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >OS Build 14393.3053

June 18, 2019
KB4503294Investigating
August 01, 2019
05:00 PM PT -
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >OS Build 14393.2639

November 27, 2018
KB4467684Resolved
KB4507459July 16, 2019
10:00 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 14393.2724

January 08, 2019
KB4480961Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >OS Build 14393.2608

November 13, 2018
KB4467691Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >OS Build 14393.2639

November 27, 2018
KB4467684Mitigated
April 25, 2019
02:00 PM PT @@ -117,7 +116,6 @@ sections: - type: markdown text: " -
DetailsOriginating updateStatusHistory
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host after installing KB4467684.

Additionally, if you do not follow the best practices, a stop error may occur in vfpext.sys on the hosts.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
November 27, 2018
10:00 AM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
After installing KB4467691, Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Restart the affected machine using the Unified Extensible Firmware Interface (UEFI). Disable Secure Boot and then restart.

If BitLocker is enabled on your machine, you may have to go through BitLocker recovery after Secure Boot has been disabled.

Next steps: Lenovo and Fujitsu are aware of this issue. Please contact your OEM to ask if there is a firmware update available for your device.

Back to top		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
Last updated:
February 19, 2019
10:00 AM PT

Opened:
November 13, 2018
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
After installing KB4467684, the cluster service may fail to start with the error \"2245 (NERR_PasswordTooShort)\" if the Group Policy \"Minimum Password Length\" is configured with greater than 14 characters.

Affected platforms:
  • Client: Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2016
Workaround: Set the domain default \"Minimum Password Length\" policy to less than or equal to 14 characters.

Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
Last updated:
April 25, 2019
02:00 PM PT

Opened:
November 27, 2018
10:00 AM PT
diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index 0e11306afb..dbe7b4e91e 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -20,6 +20,12 @@ sections: text: " Find information on known issues for Windows 10, version 1703. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + +
Current status as of August 23, 2019:
+
The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet. +
+
+ " - items: diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 4c3dfc4364..5a2c3b8df0 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -118,7 +118,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Devices with some Asian language packs installed may receive an error
After installing the April 2019 Cumulative Update (KB4493509), devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Workaround:
  1. Uninstall and reinstall any recently added language packs. For instructions, see \"Manage the input and display language settings in Windows 10\".
  2. Click Check for Updates and install the April 2019 Cumulative Update. For instructions, see \"Update Windows 10\".
Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:
  1. Go to Settings app -> Recovery.
  2. Click on Get Started under \"Reset this PC\" recovery option.
  3. Select \"Keep my Files\".
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
Last updated:
May 03, 2019
10:59 AM PT

Opened:
May 02, 2019
04:36 PM PT
Devices with some Asian language packs installed may receive an error
After installing the April 2019 Cumulative Update (KB4493509), devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Workaround:
  1. Uninstall and reinstall any recently added language packs. For instructions, see \"Manage the input and display language settings in Windows 10\".
  2. Click Check for Updates and install the April 2019 Cumulative Update. For instructions, see \"Update Windows 10\".
Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:
    1. Go to Settings app -> Recovery.
    2. Click on Get Started under \"Reset this PC\" recovery option.
    3. Select \"Keep my Files\".
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
Last updated:
May 03, 2019
10:59 AM PT

Opened:
May 02, 2019
04:36 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 9b7700d02e..1c6c129a90 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,7 +65,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -130,7 +130,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
August 20, 2019
10:50 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
August 20, 2019
11:06 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Investigating
August 17, 2019
01:49 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 16, 2019
04:28 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 13, 2019
06:59 PM PT
- + diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index 15f5bd4ccc..a57a74739b 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,10 +60,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

DetailsOriginating updateStatusHistory
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and estimates a solution will be available in late August.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
Last updated:
August 20, 2019
10:50 AM PT

Opened:
May 24, 2019
04:20 PM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and estimates a solution will be available in late August.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Investigating
Last updated:
August 20, 2019
11:06 AM PT

Opened:
May 24, 2019
04:20 PM PT
Intermittent loss of Wi-Fi connectivity
Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).
 
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
Last updated:
August 01, 2019
08:44 PM PT

Opened:
May 21, 2019
07:13 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
  • Connecting to (or disconnecting from) an external monitor, dock, or projector
  • Rotating the screen
  • Updating display drivers or making other display mode changes
  • Closing full screen applications
  • Applying custom color profiles
  • Running applications that rely on custom gamma ramps
Affected platforms:
  • Client: Windows 10, version 1903
Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
August 01, 2019
06:27 PM PT

Opened:
May 21, 2019
07:28 AM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		Resolved:
July 26, 2019
02:00 PM PT

Opened:
May 21, 2019
07:56 AM PT
+ -
SummaryOriginating updateStatusLast updated
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >		August 13, 2019
KB4512506		Mitigated External
August 23, 2019
04:25 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Resolved
KB4512514		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512506		Resolved
KB4517297		August 16, 2019
02:00 PM PT
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.

See details >		August 13, 2019
KB4512506		Mitigated
August 17, 2019
12:59 PM PT
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows udates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >		August 13, 2019
KB4512506		Investigating
August 16, 2019
04:28 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493472		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503292		Resolved External
August 09, 2019
07:03 PM PT
@@ -81,9 +81,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Mitigation: To mitigate this issue, Symantec and Norton released updates to their anti-virus software. Symantec Endpoint Protection protected devices can safely apply this update and future updates. See the Symantec support article for additional detail. Norton Security and Norton 360 products will automatically install a product update or users may manually run LiveUpdate and reboot until there are no further updates available.

Next Steps: The safeguard hold on affected devices will be removed in the coming week to allow customers time to apply the resolving anti-virus updates.

Back to top		August 13, 2019
KB4512506		Mitigated External
Last updated:
August 23, 2019
04:25 PM PT

Opened:
August 13, 2019
10:05 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512506, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517297. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512506		Resolved
KB4517297		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
IA64 and x64 devices may fail to start after installing updates
IA64 devices (in any configuration) and x64 devices using EFI boot that were provisioned after the July 9th updates and/or skipped the recommended update (KB3133977), may fail to start with the following error:
\"File: \\Windows\\system32\\winload.efi
Status: 0xc0000428
Info: Windows cannot verify the digital signature for this file.\"

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Take Action: To resolve this issue please follow the steps outlined in the SHA-2 support FAQ article for error code 0xc0000428.

Back to top		August 13, 2019
KB4512506		Mitigated
Last updated:
August 17, 2019
12:59 PM PT

Opened:
August 13, 2019
08:34 AM PT
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec has identified an issue that occurs when a device is running any Symantec or Norton antivirus program and installs updates for Windows that are signed with SHA-2 certificates only. The Windows updates are blocked or deleted by the antivirus program during installation, which may then cause Windows to stop working or fail to start.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Workaround: Guidance for Symantec customers can be found in the Symantec support article and the Norton support article.

Next steps: To safeguard your update experience, Microsoft and Symantec have partnered to place a safeguard hold on devices with an affected version of Symantec Antivirus or Norton Antivirus installed to prevent them from receiving this type of Windows update until a solution is available. We recommend that you do not manually install affected updates until a solution is available. Please reach out to Symantec or Norton support for further guidance.

Back to top		August 13, 2019
KB4512506		Investigating
Last updated:
August 16, 2019
04:28 PM PT

Opened:
August 13, 2019
10:05 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503292) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503292		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 6cacd95c0a..0ff0106922 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -49,11 +49,13 @@ sections: - type: markdown text: " - + + + + - @@ -78,8 +80,8 @@ Given the potential impact to customers and their businesses, we have also relea From 538a694b2712f28b73a1db174f674a4c12238151 Mon Sep 17 00:00:00 2001 From: Orlando Rodriguez <49177883+ojrb@users.noreply.github.com> Date: Sun, 25 Aug 2019 10:39:25 -0500 Subject: [PATCH 016/113] Update mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md --- ...alone-and-configuration-manager-integration-topologies.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md index 0dc592b269..368088283f 100644 --- a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md +++ b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md @@ -258,8 +258,9 @@ The following table lists the installation prerequisites for the MBAM Administra - @@ -123,7 +122,6 @@ sections: - diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 03328a26ed..ccf58c6fc9 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -398,7 +398,6 @@ ####### [Get domain related alerts](microsoft-defender-atp/get-domain-related-alerts.md) ####### [Get domain related machines](microsoft-defender-atp/get-domain-related-machines.md) ####### [Get domain statistics](microsoft-defender-atp/get-domain-statistics.md) -####### [Is domain seen in organization (Deprecated)](microsoft-defender-atp/is-domain-seen-in-org.md) ###### [File]() ####### [File methods and properties](microsoft-defender-atp/files.md) @@ -409,9 +408,7 @@ ###### [IP]() ####### [Get IP related alerts](microsoft-defender-atp/get-ip-related-alerts.md) -####### [Get IP related machines (Deprecated)](microsoft-defender-atp/get-ip-related-machines.md) ####### [Get IP statistics](microsoft-defender-atp/get-ip-statistics.md) -####### [Is IP seen in organization (Deprecated)](microsoft-defender-atp/is-ip-seen-org.md) ###### [User]() ####### [User methods](microsoft-defender-atp/user.md) @@ -440,13 +437,13 @@ ##### [Experiment with custom threat intelligence alerts (Deprecated)](microsoft-defender-atp/experiment-custom-ti.md) ##### [Troubleshoot custom threat intelligence issues (Deprecated)](microsoft-defender-atp/troubleshoot-custom-ti.md) -#### [Pull alerts to your SIEM tools]() -##### [Learn about different ways to pull alerts](microsoft-defender-atp/configure-siem.md) +#### [Pull detections to your SIEM tools]() +##### [Learn about different ways to pull detections](microsoft-defender-atp/configure-siem.md) ##### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md) -##### [Configure Splunk to pull alerts](microsoft-defender-atp/configure-splunk.md) -##### [Configure HP ArcSight to pull alerts](microsoft-defender-atp/configure-arcsight.md) -##### [Microsoft Defender ATP SIEM alert API fields](microsoft-defender-atp/api-portal-mapping.md) -##### [Pull alerts using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md) +##### [Configure Splunk to pull detections](microsoft-defender-atp/configure-splunk.md) +##### [Configure HP ArcSight to pull detections](microsoft-defender-atp/configure-arcsight.md) +##### [Microsoft Defender ATP detection fields](microsoft-defender-atp/api-portal-mapping.md) +##### [Pull detections using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md) ##### [Troubleshoot SIEM tool integration issues](microsoft-defender-atp/troubleshoot-siem.md) #### [Reporting]() diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md index 9706e81443..ef351af05d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md +++ b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md @@ -1,7 +1,7 @@ --- -title: Microsoft Defender ATP alert API fields -description: Understand how the alert API fields map to the values in Microsoft Defender Security Center -keywords: alerts, alert fields, fields, api, fields, pull alerts, rest api, request, response +title: Microsoft Defender ATP detections API fields +description: Understand how the Detections API fields map to the values in Microsoft Defender Security Center +keywords: detections, detections fields, fields, api, fields, pull Detections, rest api, request, response search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -15,10 +15,9 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/16/2017 --- -# Microsoft Defender ATP SIEM alert API fields +# Microsoft Defender ATP detections API fields **Applies to:** @@ -26,10 +25,14 @@ ms.date: 10/16/2017 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-apiportalmapping-abovefoldlink) -Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center. +Understand what data fields are exposed as part of the detections API and how they map to Microsoft Defender Security Center. -## Alert API fields and portal mapping -The following table lists the available fields exposed in the alerts API payload. It shows examples for the populated values and a reference on how data is reflected on the portal. +>[!Note] +>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections +>- **Microsoft Defender ATP Detection** is composed from the suspicious event occurred on the Machine and its related **Alert** details. + +## Detections API fields and portal mapping +The following table lists the available fields exposed in the detections API payload. It shows examples for the populated values and a reference on how data is reflected on the portal. The ArcSight field column contains the default mapping between the Microsoft Defender ATP fields and the built-in fields in ArcSight. You can download the mapping file from the portal when you enable the SIEM integration feature and you can modify it to match the needs of your organization. For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md). @@ -39,33 +42,33 @@ Field numbers match the numbers in the images below. > > | Portal label | SIEM field name | ArcSight field | Example value | Description | > |------------------|---------------------------|---------------------|------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -> | 1 | AlertTitle | name | Windows Defender AV detected 'Mikatz' high-severity malware | Value available for every alert. | -> | 2 | Severity | deviceSeverity | High | Value available for every alert. | -> | 3 | Category | deviceEventCategory | Malware | Value available for every alert. | -> | 4 | Detection source | sourceServiceName | Antivirus | Windows Defender Antivirus or Microsoft Defender ATP. Value available for every alert. | -> | 5 | MachineName | sourceHostName | desktop-4a5ngd6 | Value available for every alert. | -> | 6 | FileName | fileName | Robocopy.exe | Available for alerts associated with a file or process. | -> | 7 | FilePath | filePath | C:\Windows\System32\Robocopy.exe | Available for alerts associated with a file or process. | -> | 8 | UserDomain | sourceNtDomain | CONTOSO | The domain of the user context running the activity, available for Microsoft Defender ATP behavioral based alerts. | -> | 9 | UserName | sourceUserName | liz.bean | The user context running the activity, available for Microsoft Defender ATP behavioral based alerts. | -> | 10 | Sha1 | fileHash | 3da065e07b990034e9db7842167f70b63aa5329 | Available for alerts associated with a file or process. | -> | 11 | Sha256 | deviceCustomString6 | ebf54f745dc81e1958f75e4ca91dd0ab989fc9787bb6b0bf993e2f5 | Available for Windows Defender AV alerts. | -> | 12 | Md5 | deviceCustomString5 | db979c04a99b96d370988325bb5a8b21 | Available for Windows Defender AV alerts. | -> | 13 | ThreatName | deviceCustomString1 | HackTool:Win32/Mikatz!dha | Available for Windows Defender AV alerts. | -> | 14 | IpAddress | sourceAddress | 218.90.204.141 | Available for alerts associated to network events. For example, 'Communication to a malicious network destination'. | -> | 15 | Url | requestUrl | down.esales360.cn | Available for alerts associated to network events. For example, 'Communication to a malicious network destination'. | -> | 16 | RemediationIsSuccess | deviceCustomNumber2 | TRUE | Available for Windows Defender AV alerts. ArcSight value is 1 when TRUE and 0 when FALSE. | -> | 17 | WasExecutingWhileDetected | deviceCustomNumber1 | FALSE | Available for Windows Defender AV alerts. ArcSight value is 1 when TRUE and 0 when FALSE. | -> | 18 | AlertId | externalId | 636210704265059241_673569822 | Value available for every alert. | -> | 19 | LinkToWDATP | flexString1 | `https://securitycenter.windows.com/alert/636210704265059241_673569822` | Value available for every alert. | -> | 20 | AlertTime | deviceReceiptTime | 2017-05-07T01:56:59.3191352Z | The time the activity relevant to the alert occurred. Value available for every alert. | -> | 21 | MachineDomain | sourceDnsDomain | contoso.com | Domain name not relevant for AAD joined machines. Value available for every alert. | +> | 1 | AlertTitle | name | Windows Defender AV detected 'Mikatz' high-severity malware | Value available for every Detection. | +> | 2 | Severity | deviceSeverity | High | Value available for every Detection. | +> | 3 | Category | deviceEventCategory | Malware | Value available for every Detection. | +> | 4 | Detection source | sourceServiceName | Antivirus | Windows Defender Antivirus or Microsoft Defender ATP. Value available for every Detection. | +> | 5 | MachineName | sourceHostName | desktop-4a5ngd6 | Value available for every Detection. | +> | 6 | FileName | fileName | Robocopy.exe | Available for detections associated with a file or process. | +> | 7 | FilePath | filePath | C:\Windows\System32\Robocopy.exe | Available for detections associated with a file or process. | +> | 8 | UserDomain | sourceNtDomain | CONTOSO | The domain of the user context running the activity, available for Microsoft Defender ATP behavioral based detections. | +> | 9 | UserName | sourceUserName | liz.bean | The user context running the activity, available for Microsoft Defender ATP behavioral based detections. | +> | 10 | Sha1 | fileHash | 3da065e07b990034e9db7842167f70b63aa5329 | Available for detections associated with a file or process. | +> | 11 | Sha256 | deviceCustomString6 | ebf54f745dc81e1958f75e4ca91dd0ab989fc9787bb6b0bf993e2f5 | Available for Windows Defender AV detections. | +> | 12 | Md5 | deviceCustomString5 | db979c04a99b96d370988325bb5a8b21 | Available for Windows Defender AV detections. | +> | 13 | ThreatName | deviceCustomString1 | HackTool:Win32/Mikatz!dha | Available for Windows Defender AV detections. | +> | 14 | IpAddress | sourceAddress | 218.90.204.141 | Available for detections associated to network events. For example, 'Communication to a malicious network destination'. | +> | 15 | Url | requestUrl | down.esales360.cn | Available for detections associated to network events. For example, 'Communication to a malicious network destination'. | +> | 16 | RemediationIsSuccess | deviceCustomNumber2 | TRUE | Available for Windows Defender AV detections. ArcSight value is 1 when TRUE and 0 when FALSE. | +> | 17 | WasExecutingWhileDetected | deviceCustomNumber1 | FALSE | Available for Windows Defender AV detections. ArcSight value is 1 when TRUE and 0 when FALSE. | +> | 18 | AlertId | externalId | 636210704265059241_673569822 | Value available for every Detection. | +> | 19 | LinkToWDATP | flexString1 | `https://securitycenter.windows.com/alert/636210704265059241_673569822` | Value available for every Detection. | +> | 20 | AlertTime | deviceReceiptTime | 2017-05-07T01:56:59.3191352Z | The time the event occurred. Value available for every Detection. | +> | 21 | MachineDomain | sourceDnsDomain | contoso.com | Domain name not relevant for AAD joined machines. Value available for every Detection. | > | 22 | Actor | deviceCustomString4 | BORON | Available for alerts related to a known actor group. | -> | 21+5 | ComputerDnsName | No mapping | liz-bean.contoso.com | The machine fully qualified domain name. Value available for every alert. | +> | 21+5 | ComputerDnsName | No mapping | liz-bean.contoso.com | The machine fully qualified domain name. Value available for every Detection. | > | | LogOnUsers | sourceUserId | contoso\liz-bean; contoso\jay-hardee | The domain and user of the interactive logon user/s at the time of the event. Note: For machines on Windows 10 version 1607, the domain information will not be available. | > | | InternalIPv4List | No mapping | 192.168.1.7, 10.1.14.1 | List of IPV4 internal IPs for active network interfaces. | > | | InternalIPv6List | No mapping | fd30:0000:0000:0001:ff4e:003e:0009:000e, FE80:CD00:0000:0CDE:1257:0000:211E:729C | List of IPV6 internal IPs for active network interfaces. | -> | Internal field | LastProcessedTimeUtc | No mapping | 2017-05-07T01:56:58.9936648Z | Time when event arrived at the backend. This field can be used when setting the request parameter for the range of time that alerts are retrieved. | +> | Internal field | LastProcessedTimeUtc | No mapping | 2017-05-07T01:56:58.9936648Z | Time when event arrived at the backend. This field can be used when setting the request parameter for the range of time that detections are retrieved. | > | | Not part of the schema | deviceVendor | | Static value in the ArcSight mapping - 'Microsoft'. | > | | Not part of the schema | deviceProduct | | Static value in the ArcSight mapping - 'Microsoft Defender ATP'. | > | | Not part of the schema | deviceVersion | | Static value in the ArcSight mapping - '2.0', used to identify the mapping versions. @@ -88,7 +91,7 @@ Field numbers match the numbers in the images below. ## Related topics - [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) -- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md) -- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md) -- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) +- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md) +- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md) +- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) - [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md index 22c9359f44..736e5fc809 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md @@ -1,6 +1,6 @@ --- -title: Configure HP ArcSight to pull Microsoft Defender ATP alerts -description: Configure HP ArcSight to receive and pull alerts from Microsoft Defender Security Center +title: Configure HP ArcSight to pull Microsoft Defender ATP detections +description: Configure HP ArcSight to receive and pull detections from Microsoft Defender Security Center keywords: configure hp arcsight, security information and events management tools, arcsight search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -15,10 +15,9 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/20/2018 --- -# Configure HP ArcSight to pull Microsoft Defender ATP alerts +# Configure HP ArcSight to pull Microsoft Defender ATP detections **Applies to:** @@ -29,10 +28,14 @@ ms.date: 12/20/2018 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configurearcsight-abovefoldlink) -You'll need to install and configure some files and tools to use HP ArcSight so that it can pull Microsoft Defender ATP alerts. +You'll need to install and configure some files and tools to use HP ArcSight so that it can pull Microsoft Defender ATP detections. + +>[!Note] +>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections +>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details. ## Before you begin -Configuring the HP ArcSight Connector tool requires several configuration files for it to pull and parse alerts from your Azure Active Directory (AAD) application. +Configuring the HP ArcSight Connector tool requires several configuration files for it to pull and parse detections from your Azure Active Directory (AAD) application. This section guides you in getting the necessary information to set and use the required configuration files correctly. @@ -163,7 +166,7 @@ The following steps assume that you have completed all the required steps in [Be You can now run queries in the HP ArcSight console. -Microsoft Defender ATP alerts will appear as discrete events, with "Microsoft” as the vendor and “Windows Defender ATP” as the device name. +Microsoft Defender ATP detections will appear as discrete events, with "Microsoft” as the vendor and “Windows Defender ATP” as the device name. ## Troubleshooting HP ArcSight connection @@ -187,6 +190,6 @@ Microsoft Defender ATP alerts will appear as discrete events, with "Microsoft” ## Related topics - [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) -- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md) -- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) +- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md) +- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) - [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md index c5e8719018..89fb09887a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md @@ -1,6 +1,6 @@ --- -title: Pull alerts to your SIEM tools from Microsoft Defender Advanced Threat Protection -description: Learn how to use REST API and configure supported security information and events management tools to receive and pull alerts. +title: Pull detections to your SIEM tools from Microsoft Defender Advanced Threat Protection +description: Learn how to use REST API and configure supported security information and events management tools to receive and pull detections. keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -18,7 +18,7 @@ ms.topic: article ms.date: 10/16/2017 --- -# Pull alerts to your SIEM tools +# Pull detections to your SIEM tools **Applies to:** @@ -26,8 +26,13 @@ ms.date: 10/16/2017 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) -## Pull alerts using security information and events management (SIEM) tools -Microsoft Defender ATP supports (SIEM) tools to pull alerts. Microsoft Defender ATP exposes alerts through an HTTPS endpoint hosted in Azure. The endpoint can be configured to pull alerts from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for an AAD application that represents the specific SIEM connector installed in your environment. +## Pull detections using security information and events management (SIEM) tools + +>[!Note] +>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections +>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details. + +Microsoft Defender ATP supports (SIEM) tools to pull detections. Microsoft Defender ATP exposes alerts through an HTTPS endpoint hosted in Azure. The endpoint can be configured to pull detections from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for an AAD application that represents the specific SIEM connector installed in your environment. Microsoft Defender ATP currently supports the following SIEM tools: @@ -39,16 +44,16 @@ To use either of these supported SIEM tools you'll need to: - [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) - Configure the supported SIEM tool: - - [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md) - - [Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md) + - [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md) + - [Configure HP ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md) -For more information on the list of fields exposed in the alerts API see, [Microsoft Defender ATP alert API fields](api-portal-mapping.md). +For more information on the list of fields exposed in the Detection API see, [Microsoft Defender ATP Detection fields](api-portal-mapping.md). -## Pull Microsoft Defender ATP alerts using REST API -Microsoft Defender ATP supports the OAuth 2.0 protocol to pull alerts using REST API. +## Pull Microsoft Defender ATP detections using REST API +Microsoft Defender ATP supports the OAuth 2.0 protocol to pull detections using REST API. -For more information, see [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md). +For more information, see [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md). ## In this section @@ -56,8 +61,8 @@ For more information, see [Pull Microsoft Defender ATP alerts using REST API](pu Topic | Description :---|:--- [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)| Learn about enabling the SIEM integration feature in the **Settings** page in the portal so that you can use and generate the required information to configure supported SIEM tools. -[Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md)| Learn about installing the REST API Modular Input app and other configuration settings to enable Splunk to pull Microsoft Defender ATP alerts. -[Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md)| Learn about installing the HP ArcSight REST FlexConnector package and the files you need to configure ArcSight to pull Microsoft Defender ATP alerts. -[Microsoft Defender ATP alert API fields](api-portal-mapping.md) | Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center. -[Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) | Use the Client credentials OAuth 2.0 flow to pull alerts from Microsoft Defender ATP using REST API. +[Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md)| Learn about installing the REST API Modular Input App and other configuration settings to enable Splunk to pull Microsoft Defender ATP detections. +[Configure HP ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md)| Learn about installing the HP ArcSight REST FlexConnector package and the files you need to configure ArcSight to pull Microsoft Defender ATP detections. +[Microsoft Defender ATP Detection fields](api-portal-mapping.md) | Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center. +[Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) | Use the Client credentials OAuth 2.0 flow to pull detections from Microsoft Defender ATP using REST API. [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) | Address issues you might encounter when using the SIEM integration feature. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md index 13cf662e66..6d0db578d1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md @@ -1,6 +1,6 @@ --- -title: Configure Splunk to pull Microsoft Defender ATP alerts -description: Configure Splunk to receive and pull alerts from Microsoft Defender Security Center. +title: Configure Splunk to pull Microsoft Defender ATP detections +description: Configure Splunk to receive and pull detections from Microsoft Defender Security Center. keywords: configure splunk, security information and events management tools, splunk search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -17,7 +17,7 @@ ms.collection: M365-security-compliance ms.topic: article --- -# Configure Splunk to pull Microsoft Defender ATP alerts +# Configure Splunk to pull Microsoft Defender ATP detections **Applies to:** @@ -28,7 +28,11 @@ ms.topic: article >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresplunk-abovefoldlink) -You'll need to configure Splunk so that it can pull Microsoft Defender ATP alerts. +You'll need to configure Splunk so that it can pull Microsoft Defender ATP detections. + +>[!Note] +>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections +>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details. ## Before you begin @@ -121,8 +125,8 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP alert After completing these configuration steps, you can go to the Splunk dashboard and run queries. -## View alerts using Splunk solution explorer -Use the solution explorer to view alerts in Splunk. +## View detections using Splunk solution explorer +Use the solution explorer to view detections in Splunk. 1. In Splunk, go to **Settings** > **Searchers, reports, and alerts**. @@ -141,12 +145,12 @@ Use the solution explorer to view alerts in Splunk. >[!TIP] -> To mininimize alert duplications, you can use the following query: +> To mininimize Detection duplications, you can use the following query: >```source="rest://windows atp alerts" | spath | dedup _raw | table *``` ## Related topics - [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) -- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md) -- [Microsoft Defender ATP alert API fields](api-portal-mapping.md) -- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) +- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md) +- [Microsoft Defender ATP Detection fields](api-portal-mapping.md) +- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) - [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md index 2c9fa62654..707f89cea2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md @@ -1,6 +1,6 @@ --- title: Enable SIEM integration in Microsoft Defender ATP -description: Enable SIEM integration to receive alerts in your security information and event management (SIEM) solution. +description: Enable SIEM integration to receive detections in your security information and event management (SIEM) solution. keywords: enable siem connector, siem, connector, security information and events search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/10/2018 --- # Enable SIEM integration in Microsoft Defender ATP @@ -26,7 +25,11 @@ ms.date: 12/10/2018 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablesiem-abovefoldlink) -Enable security information and event management (SIEM) integration so you can pull alerts from Microsoft Defender Security Center using your SIEM solution or by connecting directly to the alerts REST API. +Enable security information and event management (SIEM) integration so you can pull detections from Microsoft Defender Security Center using your SIEM solution or by connecting directly to the detections REST API. + +>[!Note] +>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections +>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details. ## Prerequisites - The user who activates the setting must have permissions to create an app in Azure Active Directory (AAD). This is typically someone with a **Global administrator** role. @@ -55,7 +58,7 @@ Enable security information and event management (SIEM) integration so you can p > - WDATP-connector.jsonparser.properties > - WDATP-connector.properties
- If you want to connect directly to the alerts REST API through programmatic access, choose **Generic API**. + If you want to connect directly to the detections REST API through programmatic access, choose **Generic API**. 4. Copy the individual values or select **Save details to file** to download a file that contains all the values. @@ -64,14 +67,14 @@ Enable security information and event management (SIEM) integration so you can p > [!NOTE] > You'll need to generate a new Refresh token every 90 days. -You can now proceed with configuring your SIEM solution or connecting to the alerts REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive alerts from Microsoft Defender Security Center. +You can now proceed with configuring your SIEM solution or connecting to the detections REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive detections from Microsoft Defender Security Center. ## Integrate Microsoft Defender ATP with IBM QRadar -You can configure IBM QRadar to collect alerts from Microsoft Defender ATP. For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1). +You can configure IBM QRadar to collect detections from Microsoft Defender ATP. For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1). ## Related topics -- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md) -- [Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md) -- [Microsoft Defender ATP alert API fields](api-portal-mapping.md) -- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) +- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md) +- [Configure HP ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md) +- [Microsoft Defender ATP Detection fields](api-portal-mapping.md) +- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) - [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-machines.md deleted file mode 100644 index c247c9aa81..0000000000 --- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-machines.md +++ /dev/null @@ -1,122 +0,0 @@ ---- -title: Get IP related machines API -description: Retrieves a collection of machines related to a given IP address. -keywords: apis, graph api, supported apis, get, ip, related, machines -search.product: eADQiWindows 10XVcnh -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: article ---- - -# Get IP related machines API (Deprecated) - -**Applies to:** - -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -Retrieves a collection of machines that communicated with or from a particular IP. - -## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) - -Permission type | Permission | Permission display name -:---|:---|:--- -Application | Machine.Read.All | 'Read all machine profiles' -Application | Machine.ReadWrite.All | 'Read and write all machine information' -Delegated (work or school account) | Machine.Read | 'Read machine information' -Delegated (work or school account) | Machine.ReadWrite | 'Read and write machine information' - ->[!Note] -> When obtaining a token using user credentials: ->- The user needs to have at least the following role permission: 'View Data' (See [Create and manage roles](user-roles.md) for more information) ->- Response will include only machines, that the user have access to, based on machine group settings (See [Create and manage machine groups](machine-groups.md) for more information) - -## HTTP request -``` -GET /api/ips/{ip}/machines -``` - -## Request headers - -Name | Type | Description -:---|:---|:--- -Authorization | String | Bearer {token}. **Required**. - - -## Request body -Empty - -## Response -If successful and IP exists - 200 OK with list of [machine](machine.md) entities in the body. If IP do not exist - 404 Not Found. - - -## Example - -**Request** - -Here is an example of the request. - -[!include[Improve request performance](improve-request-performance.md)] - -``` -GET https://api.securitycenter.windows.com/api/ips/10.209.67.177/machines -``` - -**Response** - -Here is an example of the response. - - -``` -HTTP/1.1 200 OK -Content-type: application/json -{ - "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Machines", - "value": [ - { - "id": "1e5bc9d7e413ddd7902c2932e418702b84d0cc07", - "computerDnsName": "mymachine1.contoso.com", - "firstSeen": "2018-08-02T14:55:03.7791856Z", - "lastSeen": "2018-08-02T14:55:03.7791856Z", - "osPlatform": "Windows10", - "osVersion": "10.0.0.0", - "lastIpAddress": "172.17.230.209", - "lastExternalIpAddress": "167.220.196.71", - "agentVersion": "10.5830.18209.1001", - "osBuild": 18209, - "healthStatus": "Active", - "rbacGroupId": 140, - "riskScore": "Low", - "rbacGroupName": "The-A-Team", - "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", - "machineTags": [ "test tag 1", "test tag 2" ] - }, - { - "id": "7292e4b8cb74ff1cc3d8a495eb29dc8858b732f7", - "computerDnsName": "mymachine2.contoso.com", - "firstSeen": "2018-07-09T13:22:45.1250071Z", - "lastSeen": "2018-07-09T13:22:45.1250071Z", - "osPlatform": "Windows10", - "osVersion": "10.0.0.0", - "lastIpAddress": "192.168.12.225", - "lastExternalIpAddress": "79.183.65.82", - "agentVersion": "10.5820.17724.1000", - "osBuild": 17724, - "healthStatus": "Inactive", - "rbacGroupId": 140, - "rbacGroupName": "The-A-Team", - "riskScore": "Low", - "aadDeviceId": null, - "machineTags": [ "test tag 1" ] - } - ] -} -``` diff --git a/windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md b/windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md deleted file mode 100644 index 38debbe291..0000000000 --- a/windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md +++ /dev/null @@ -1,82 +0,0 @@ ---- -title: Is domain seen in org API -description: Use this API to create calls related to checking whether a domain was seen in the organization. -keywords: apis, graph api, supported apis, domain, domain seen -search.product: eADQiWindows 10XVcnh -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: article ---- - -# Was domain seen in org (Deprecated) - -**Applies to:** - -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -Answers whether a domain was seen in the organization. - -## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) - -Permission type | Permission | Permission display name -:---|:---|:--- -Application | Url.Read.All | 'Read URLs' -Delegated (work or school account) | URL.Read.All | 'Read URLs' - ->[!Note] -> When obtaining a token using user credentials: ->- The user needs to have at least the following role permission: 'View Data' (See [Create and manage roles](user-roles.md) for more information) - -## HTTP request -``` -GET /api/domains/{domain} -``` - -## Request headers - -Header | Value -:---|:--- -Authorization | Bearer {token}. **Required**. - - -## Request body -Empty - -## Response -If successful and domain exists - 200 OK. If domain does not exist - 404 Not Found. - -## Example - -**Request** - -Here is an example of the request. - -[!include[Improve request performance](improve-request-performance.md)] - -``` -GET https://api.securitycenter.windows.com/api/domains/example.com -Content-type: application/json -``` - -**Response** - -Here is an example of the response. - - -``` -HTTP/1.1 200 OK -Content-type: application/json -{ - "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Domains/$entity", - "host": "example.com" -} -``` diff --git a/windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md b/windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md deleted file mode 100644 index f112796be2..0000000000 --- a/windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md +++ /dev/null @@ -1,82 +0,0 @@ ---- -title: Is IP seen in org API -description: Answers whether an IP was seen in the organization. -keywords: apis, graph api, supported apis, is, ip, seen, org, organization -search.product: eADQiWindows 10XVcnh -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: article ---- - -# Was IP seen in org (Deprecated) - -**Applies to:** - -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -Answers whether an IP was seen in the organization. - -## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) - -Permission type | Permission | Permission display name -:---|:---|:--- -Application | Ip.Read.All | 'Read IP address profiles' -Delegated (work or school account) | Ip.Read.All | 'Read IP address profiles' - ->[!Note] -> When obtaining a token using user credentials: ->- The user needs to have at least the following role permission: 'View Data' (See [Create and manage roles](user-roles.md) for more information) - -## HTTP request -``` -GET /api/ips/{ip} -``` - -## Request headers - -Name | Type | Description -:---|:---|:--- -Authorization | String | Bearer {token}. **Required**. - - -## Request body -Empty - -## Response -If successful and IP exists - 200 OK. If IP do not exist - 404 Not Found. - - -## Example - -**Request** - -Here is an example of the request. - -``` -GET https://api.securitycenter.windows.com/api/ips/10.209.67.177 -``` - -**Response** - -Here is an example of the response. - -[!include[Improve request performance](improve-request-performance.md)] - - -``` -HTTP/1.1 200 OK -Content-type: application/json -{ - "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Ips/$entity", - "id": "10.209.67.177" -} -``` diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index 75f1890d2a..40c4a73464 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -52,7 +52,6 @@ An important aspect of machine management is the ability to analyze the environm Topic | Description :---|:--- Understand threat intelligence concepts | Learn about alert definitions, indicators of compromise, and other threat intelligence concepts. -Supported Microsoft Defender ATP APIs | Learn more about the individual supported entities where you can run API calls to and details such as HTTP request values, request headers and expected responses. Managed security service provider | Get a quick overview on managed security service provider support. diff --git a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt index f06995f573..9dd1998f62 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt +++ b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt @@ -392,7 +392,6 @@ ####### [Get domain related alerts](get-domain-related-alerts.md) ####### [Get domain related machines](get-domain-related-machines.md) ####### [Get domain statistics](get-domain-statistics.md) -####### [Is domain seen in organization (Deprecated)](is-domain-seen-in-org.md) ###### [File]() ####### [Methods and properties](files.md) @@ -403,9 +402,7 @@ ###### [IP]() ####### [Get IP related alerts](get-ip-related-alerts.md) -####### [Get IP related machines (Deprecated)](get-ip-related-machines.md) ####### [Get IP statistics](get-ip-statistics.md) -####### [Is IP seen in organization (Deprecated)](is-ip-seen-org.md) ###### [User]() ####### [Methods](user.md) @@ -428,13 +425,13 @@ ##### [Experiment with custom threat intelligence alerts](experiment-custom-ti.md) ##### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti.md) -#### [Pull alerts to your SIEM tools]() -##### [Learn about different ways to pull alerts](configure-siem.md) +#### [Pull Detections to your SIEM tools]() +##### [Learn about different ways to pull Detections](configure-siem.md) ##### [Enable SIEM integration](enable-siem-integration.md) -##### [Configure Splunk to pull alerts](configure-splunk.md) -##### [Configure HP ArcSight to pull alerts](configure-arcsight.md) -##### [Microsoft Defender ATP SIEM alert API fields](api-portal-mapping.md) -##### [Pull alerts using SIEM REST API](pull-alerts-using-rest-api.md) +##### [Configure Splunk to pull Detections](configure-splunk.md) +##### [Configure HP ArcSight to pull Detections](configure-arcsight.md) +##### [Microsoft Defender ATP Detection fields](api-portal-mapping.md) +##### [Pull Detections using SIEM REST API](pull-alerts-using-rest-api.md) ##### [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) #### [Reporting]() diff --git a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md index abf6c2fb00..c8bd39a230 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md +++ b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md @@ -1,7 +1,7 @@ --- -title: Pull Microsoft Defender ATP alerts using REST API -description: Pull alerts from Microsoft Defender ATP REST API. -keywords: alerts, pull alerts, rest api, request, response +title: Pull Microsoft Defender ATP detections using REST API +description: Pull detections from Microsoft Defender ATP REST API. +keywords: detections, pull detections, rest api, request, response search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -17,7 +17,7 @@ ms.collection: M365-security-compliance ms.topic: article --- -# Pull Microsoft Defender ATP alerts using SIEM REST API +# Pull Microsoft Defender ATP detections using SIEM REST API **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) @@ -26,7 +26,11 @@ ms.topic: article >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) -Microsoft Defender ATP supports the OAuth 2.0 protocol to pull alerts from the portal. +>[!Note] +>- [Microsoft Defender ATP Alert](alerts.md) is composed from one or more detections +>- [Microsoft Defender ATP Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Machine and its related Alert details. + +Microsoft Defender ATP supports the OAuth 2.0 protocol to pull detections from the API. In general, the OAuth 2.0 protocol supports four types of flows: - Authorization grant flow @@ -36,19 +40,19 @@ In general, the OAuth 2.0 protocol supports four types of flows: For more information about the OAuth specifications, see the [OAuth Website](http://www.oauth.net). -Microsoft Defender ATP supports the _Authorization grant flow_ and _Client credential flow_ to obtain access to generate alerts from the portal, with Azure Active Directory (AAD) as the authorization server. +Microsoft Defender ATP supports the _Authorization grant flow_ and _Client credential flow_ to obtain access to pull detections, with Azure Active Directory (AAD) as the authorization server. The _Authorization grant flow_ uses user credentials to get an authorization code, which is then used to obtain an access token. The _Client credential flow_ uses client credentials to authenticate against the Microsoft Defender ATP endpoint URL. This flow is suitable for scenarios when an OAuth client creates requests to an API that doesn't require user credentials. -Use the following method in the Microsoft Defender ATP API to pull alerts in JSON format. +Use the following method in the Microsoft Defender ATP API to pull detections in JSON format. >[!NOTE] >Microsoft Defender Security Center merges similar alert detections into a single alert. This API pulls alert detections in its raw form based on the query parameters you set, enabling you to apply your own grouping and filtering. ## Before you begin -- Before calling the Microsoft Defender ATP endpoint to pull alerts, you'll need to enable the SIEM integration application in Azure Active Directory (AAD). For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md). +- Before calling the Microsoft Defender ATP endpoint to pull detections, you'll need to enable the SIEM integration application in Azure Active Directory (AAD). For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md). - Take note of the following values in your Azure application registration. You need these values to configure the OAuth flow in your service or daemon app: - Application ID (unique to your application) @@ -59,7 +63,7 @@ Use the following method in the Microsoft Defender ATP API to pull alerts in JSO ## Get an access token Before creating calls to the endpoint, you'll need to get an access token. -You'll use the access token to access the protected resource, which are alerts in Microsoft Defender ATP. +You'll use the access token to access the protected resource, which are detections in Microsoft Defender ATP. To get an access token, you'll need to do a POST request to the token issuing endpoint. Here is a sample request: @@ -105,23 +109,23 @@ Use optional query parameters to specify and control the amount of data returned Name | Value| Description :---|:---|:--- -DateTime?sinceTimeUtc | string | Defines the lower time bound alerts are retrieved from, based on field:
`LastProcessedTimeUtc`
The time range will be: from sinceTimeUtc time to current time.

**NOTE**: When not specified, all alerts generated in the last two hours are retrieved. -DateTime?untilTimeUtc | string | Defines the upper time bound alerts are retrieved.
The time range will be: from `sinceTimeUtc` time to `untilTimeUtc` time.

**NOTE**: When not specified, the default value will be the current time. -string ago | string | Pulls alerts in the following time range: from `(current_time - ago)` time to `current_time` time.

Value should be set according to **ISO 8601** duration format
E.g. `ago=PT10M` will pull alerts received in the last 10 minutes. -int?limit | int | Defines the number of alerts to be retrieved. Most recent alerts will be retrieved based on the number defined.

**NOTE**: When not specified, all alerts available in the time range will be retrieved. -machinegroups | String | Specifies machine groups to pull alerts from.

**NOTE**: When not specified, alerts from all machine groups will be retrieved.

Example:

```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines``` +DateTime?sinceTimeUtc | string | Defines the lower time bound detections are retrieved from, based on field:
`LastProcessedTimeUtc`
The time range will be: from sinceTimeUtc time to current time.

**NOTE**: When not specified, all detections generated in the last two hours are retrieved. +DateTime?untilTimeUtc | string | Defines the upper time bound detections are retrieved.
The time range will be: from `sinceTimeUtc` time to `untilTimeUtc` time.

**NOTE**: When not specified, the default value will be the current time. +string ago | string | Pulls detections in the following time range: from `(current_time - ago)` time to `current_time` time.

Value should be set according to **ISO 8601** duration format
E.g. `ago=PT10M` will pull detections received in the last 10 minutes. +int?limit | int | Defines the number of detections to be retrieved. Most recent detections will be retrieved based on the number defined.

**NOTE**: When not specified, all detections available in the time range will be retrieved. +machinegroups | String | Specifies machine groups to pull detections from.

**NOTE**: When not specified, detections from all machine groups will be retrieved.

Example:

```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines``` DeviceCreatedMachineTags | string | Single machine tag from the registry. CloudCreatedMachineTags | string | Machine tags that were created in Microsoft Defender Security Center. ### Request example -The following example demonstrates how to retrieve all the alerts in your organization. +The following example demonstrates how to retrieve all the detections in your organization. ```syntax GET https://wdatp-alertexporter-eu.windows.com/api/alerts Authorization: Bearer ``` -The following example demonstrates a request to get the last 20 alerts since 2016-09-12 00:00:00. +The following example demonstrates a request to get the last 20 detections since 2016-09-12 00:00:00. ```syntax GET https://wdatp-alertexporter-eu.windows.com/api/alerts?limit=20&sinceTimeUtc=2016-09-12T00:00:00.000 @@ -178,14 +182,14 @@ AuthenticationContext context = new AuthenticationContext(string.Format("https:/ ClientCredential clientCredentials = new ClientCredential(clientId, clientSecret); AuthenticationResult authenticationResult = context.AcquireToken(resource, clientCredentials); ``` -### Use token to connect to the alerts endpoint +### Use token to connect to the detections endpoint ``` HttpClient httpClient = new HttpClient(); httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authenticationResult.AccessTokenType, authenticationResult.AccessToken); HttpResponseMessage response = httpClient.GetAsync("https://wdatp-alertexporter-eu.windows.com/api/alert").GetAwaiter().GetResult(); -string alertsJson = response.Content.ReadAsStringAsync().Result; -Console.WriteLine("Got alert list: {0}", alertsJson); +string detectionsJson = response.Content.ReadAsStringAsync().Result; +Console.WriteLine("Got detections list: {0}", detectionsJson); ``` @@ -203,7 +207,7 @@ HTTP error code | Description ## Related topics - [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) -- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md) -- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md) -- [Microsoft Defender ATP alert API fields](api-portal-mapping.md) +- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md) +- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md) +- [Microsoft Defender ATP Detection fields](api-portal-mapping.md) - [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md index c45bc362d2..e6d27968c0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md @@ -25,7 +25,7 @@ ms.topic: troubleshooting -You might need to troubleshoot issues while pulling alerts in your SIEM tools. +You might need to troubleshoot issues while pulling detections in your SIEM tools. This page provides detailed steps to troubleshoot issues you might encounter. @@ -80,7 +80,7 @@ If you encounter an error when trying to enable the SIEM connector application, ## Related topics - [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) -- [Configure ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight.md) -- [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk.md) -- [Microsoft Defender ATP alert API fields](api-portal-mapping.md) -- [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api.md) +- [Configure ArcSight to pull Microsoft Defender ATP detections](configure-arcsight.md) +- [Configure Splunk to pull Microsoft Defender ATP detections](configure-splunk.md) +- [Microsoft Defender ATP Detection fields](api-portal-mapping.md) +- [Pull Microsoft Defender ATP detections using REST API](pull-alerts-using-rest-api.md) From 20d80bacbfb22eb699ed80fb115054b9a0140200 Mon Sep 17 00:00:00 2001 From: Deland-Han Date: Wed, 4 Sep 2019 11:18:06 +0800 Subject: [PATCH 066/113] edit --- windows/client-management/TOC.md | 2 +- .../determine-appropriate-page-file-size.md | 29 +++++------ .../generate-kernel-or-complete-crash-dump.md | 29 +++++------ ...page-file.md => introduction-page-file.md} | 20 ++++---- .../system-failure-recovery-options.md | 50 +++++++++---------- .../troubleshoot-windows-startup.md | 20 ++++---- 6 files changed, 74 insertions(+), 76 deletions(-) rename windows/client-management/{introduction-of-page-file.md => introduction-page-file.md} (80%) diff --git a/windows/client-management/TOC.md b/windows/client-management/TOC.md index c998cd5263..05d41bdfa9 100644 --- a/windows/client-management/TOC.md +++ b/windows/client-management/TOC.md @@ -24,7 +24,7 @@ ### [Advanced troubleshooting for Windows startup](troubleshoot-windows-startup.md) #### [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md) #### [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md) -#### [Introduction to the page file](introduction-of-page-file.md) +#### [Introduction to the page file](introduction-page-file.md) #### [Configure system failure and recovery options in Windows](system-failure-recovery-options.md) #### [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md) #### [Advanced troubleshooting for Windows-based computer freeze](troubleshoot-windows-freeze.md) diff --git a/windows/client-management/determine-appropriate-page-file-size.md b/windows/client-management/determine-appropriate-page-file-size.md index af9ebe39dd..b6abb3661e 100644 --- a/windows/client-management/determine-appropriate-page-file-size.md +++ b/windows/client-management/determine-appropriate-page-file-size.md @@ -14,25 +14,25 @@ manager: dcscontentpm # How to determine the appropriate page file size for 64-bit versions of Windows -In summary, page file sizing depends on the system crash dump setting requirements and the system commit charge peak usage or expected usage. Both considerations are unique to each system, even for systems that are identical to other systems. This means that page file sizing is unique to each system and cannot be generalized. +Page file sizing depends on the system crash dump setting requirements and the peak usage or expected peak usage of the system commit charge. Both considerations are unique to each system, even for systems that are identical. This means that page file sizing is also unique to each system and cannot be generalized. ## Determine the appropriate page file size -Use the following considerations for page file sizing for all versions of Windows and Windows Server: +Use the following considerations for page file sizing for all versions of Windows and Windows Server. ### Crash dump setting -If you want a crash dump file to be created during a system crash, a page file or a dedicated dump file must exist and be large enough to back the system crash dump setting. Otherwise, a system memory dump file is not created. +If you want a crash dump file to be created during a system crash, a page file or a dedicated dump file must exist and be large enough to back up the system crash dump setting. Otherwise, a system memory dump file is not created. -For more information, see [Support for system crash dumps](introduction-of-page-file.md#support-for-system-crash-dumps) section. +For more information, see [Support for system crash dumps](introduction-page-file.md#support-for-system-crash-dumps) section. ### Peak system commit charge -The system commit charge cannot exceed the system commit limit. This limit is the sum of physical memory (RAM) and all page files combined. If no page files exist, the system commit limit is slightly less than the physical memory installed. Peak system-committed memory usage can vary greatly between systems. Therefore, physical memory and page file sizing also varies. +The system commit charge cannot exceed the system commit limit. This limit is the sum of physical memory (RAM) and all page files combined. If no page files exist, the system commit limit is slightly less than the physical memory that is installed. Peak system-committed memory usage can vary greatly between systems. Therefore, physical memory and page file sizing also vary. ### Quantity of infrequently accessed pages -The purpose of a page file is to back infrequently accessed modified pages so that they can be removed from physical memory. This provides more available space for more frequently accessed pages. The "\Memory\Modified Page List Bytes" performance counter measures, in part, the number of infrequently accessed modified pages that are destined for the hard disk. However, be aware that not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list. Therefore, consider extending or adding a page file if all the following conditions are true: +The purpose of a page file is to *back* (support) infrequently accessed modified pages so that they can be removed from physical memory. This provides more available space for more frequently accessed pages. The "\Memory\Modified Page List Bytes" performance counter measures, in part, the number of infrequently accessed modified pages that are destined for the hard disk. However, be aware that not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list. Therefore, consider extending or adding a page file if all the following conditions are true: - More available physical memory (\Memory\Available MBytes) is required. @@ -42,7 +42,7 @@ The purpose of a page file is to back infrequently accessed modified pages so th ## Support for system crash dumps -A system crash (also known as a “bug check” or a "Stop error") occurs when the system cannot run correctly. The dump file that is produced from this event is called a system crash dump. A page file or dedicated dump file is used to write a crash dump file (memory.dmp) to disk. Therefore, a page file or a dedicated dump file must be large enough to support the kind of crash dump selected. Otherwise, the system cannot create the crash dump file. +A system crash (also known as a “bug check” or a "Stop error") occurs when the system cannot run correctly. The dump file that is produced from this event is called a system crash dump. A page file or dedicated dump file is used to write a crash dump file (Memory.dmp) to disk. Therefore, a page file or a dedicated dump file must be large enough to support the kind of crash dump selected. Otherwise, the system cannot create the crash dump file. >[!Note] >During startup, system-managed page files are sized respective to the system crash dump settings. This assumes that enough free disk space exists. @@ -58,18 +58,19 @@ A system crash (also known as a “bug check” or a "Stop error") occurs when t The **Automatic memory dump** setting is enabled by default. This is a setting instead of a kind of crash dump. This setting automatically selects the best page file size, depending on the frequency of system crashes. -The Automatic memory dump feature at first selects a small paging file size. It would accommodate the kernel memory most of the time. If the system crashes again within four weeks, the Automatic memory dump feature selects the page file size as either the RAM size or 32 GB, whichever is smaller. +The Automatic memory dump feature initially selects a small paging file size. It would accommodate the kernel memory most of the time. If the system crashes again within four weeks, the Automatic memory dump feature sets the page file size as either the RAM size or 32 GB, whichever is smaller. Kernel memory crash dumps require enough page file space or dedicated dump file space to accommodate the kernel mode side of virtual memory usage. If the system crashes again within four weeks of the previous crash, a Complete memory dump is selected at restart. This requires a page file or dedicated dump file of at least the size of physical memory (RAM) plus 1 MB for header information plus 256 MB for potential driver data to support all the potential data that is dumped from memory. Again, the system-managed page file will be increased to back this kind of crash dump. If the system is configured to have a page file or a dedicated dump file of a specific size, make sure that the size is sufficient to back the crash dump setting that is listed in the table earlier in this section together with and the peak system commit charge. ### Dedicated dump files Computers that are running Microsoft Windows or Microsoft Windows Server usually must have a page file to support a system crash dump. System administrators now have the option to create a dedicated dump file instead. -A dedicated dump file is a page file that is not used for paging. Instead, it is “dedicated” to back a system crash dump file (memory.dmp) when a system crash occurs. Dedicated dump files can be put on any disk volume that can support a page file. We recommend that you use a dedicated dump file when you want a system crash dump, but you do not want a page file. + +A dedicated dump file is a page file that is not used for paging. Instead, it is “dedicated” to back a system crash dump file (Memory.dmp) when a system crash occurs. Dedicated dump files can be put on any disk volume that can support a page file. We recommend that you use a dedicated dump file if you want a system crash dump but you do not want a page file. ## System-managed page files -By default, page files are system managed. This means that the page files increase and decrease based on many factors, such as the amount of physical memory installed, the process of accommodating the system commit charge, and the process of accommodating a system crash dump. +By default, page files are system-managed. This means that the page files increase and decrease based on many factors, such as the amount of physical memory installed, the process of accommodating the system commit charge, and the process of accommodating a system crash dump. For example, when the system commit charge is more than 90 percent of the system commit limit, the page file is increased to back it. This continues to occur until the page file reaches three times the size of physical memory or 4 GB, whichever is larger. This all assumes that the logical disk that is hosting the page file is large enough to accommodate the growth. @@ -77,7 +78,7 @@ The following table lists the minimum and maximum page file sizes of system-mana |Minimum page file size |Maximum page file size| |---------------|------------------| -|Varies based on page file usage history, amount of RAM (RAM ÷ 8, max 32 GB) and crash dump settings. |3 × RAM or 4 GB, whichever is larger. This is then limited to the volume size ÷ 8. However, it can grow to within 1 GB of free space on the volume if required for crash dump settings.| +|Varies based on page file usage history, amount of RAM (RAM ÷ 8, max 32 GB) and crash dump settings. |3 × RAM or 4 GB, whichever is larger. This is then limited to the volume size ÷ 8. However, it can grow to within 1 GB of free space on the volume if required for crash dump settings.| ## Performance counters @@ -109,7 +110,7 @@ Hard page faults are faults that must be resolved by retrieving the data from di High values for these counters (excessive paging) indicate disk access of generally 4 KB per page fault on x86 and x64 versions of Windows and Windows Server. This disk access might or might not be related to page file activity but may contribute to poor disk performance that can cause system-wide delays if the related disks are overwhelmed. -Therefore, we recommend that you monitor the disk performance of the logical disks that host a page file in correlation with these counters. Be aware that a system that has a sustained 100 hard page faults per second experiences 400 KB per second disk transfers. Most 7200 RPM disk drives can handle about 5 MB per second at an IO size of 16 KB or 800 KB per second at an IO size of 4 KB. No performance counter directly measures which logical disk the hard page faults are resolved for. +Therefore, we recommend that you monitor the disk performance of the logical disks that host a page file in correlation with these counters. Be aware that a system that has a sustained 100 hard page faults per second experiences 400 KB per second disk transfers. Most 7,200 RPM disk drives can handle about 5 MB per second at an IO size of 16 KB or 800 KB per second at an IO size of 4 KB. No performance counter directly measures which logical disk the hard page faults are resolved for. ### \Paging File(*)\% Usage @@ -118,11 +119,11 @@ The \Paging File(*)\% Usage performance counter measures the percentage of usage >[!Note] >The size of the Modified Page List (\Memory\Modified Page List Bytes) is the total of modified data that is waiting to be written to disk. -If the Modified Page List (a list of physical memory pages that are the least frequently accessed) contains a lot of memory, and if the % Usage value of all page files is greater than 90, you can make more physical memory available for more frequently access pages by increasing or adding a page file. +If the Modified Page List (a list of physical memory pages that are the least frequently accessed) contains lots of memory, and if the **% Usage** value of all page files is greater than 90, you can make more physical memory available for more frequently access pages by increasing or adding a page file. >[!Note] >Not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list. ## Multiple page files and disk considerations -If a system is configured to have more than one page files, the page file that responds first is the one that is used. This means that page files that are on faster disks are used more frequently. Also, putting a page file on a “fast” or “slow” disk is important only if the page file is frequently accessed and if the disk that is hosting the respective page file is overwhelmed. Be aware that actual page file usage depends greatly on the amount of modified memory that the system is managing. This means that files that already exist on disk (such as .txt, .doc, .dll, and .exe) are not written to a page file. Only modified data that does not already exist on disk (for example, unsaved text in Notepad ) is memory that could potentially be backed by a page file. After the unsaved data is saved to disk as a file, it is backed by the disk and not by a page file. +If a system is configured to have more than one page files, the page file that responds first is the one that is used. This means that page files that are on faster disks are used more frequently. Also, whether you put a page file on a “fast” or “slow” disk is important only if the page file is frequently accessed and if the disk that is hosting the respective page file is overwhelmed. Be aware that actual page file usage depends greatly on the amount of modified memory that the system is managing. This means that files that already exist on disk (such as .txt, .doc, .dll, and .exe) are not written to a page file. Only modified data that does not already exist on disk (for example, unsaved text in Notepad) is memory that could potentially be backed by a page file. After the unsaved data is saved to disk as a file, it is backed by the disk and not by a page file. diff --git a/windows/client-management/generate-kernel-or-complete-crash-dump.md b/windows/client-management/generate-kernel-or-complete-crash-dump.md index 21bffca246..894ed853fc 100644 --- a/windows/client-management/generate-kernel-or-complete-crash-dump.md +++ b/windows/client-management/generate-kernel-or-complete-crash-dump.md @@ -16,7 +16,7 @@ manager: dcscontentpm A system crash (also known as a “bug check” or a "Stop error") occurs when Windows can't run correctly. The dump file that is produced from this event is called a system crash dump. -A manual kernel or complete memory dump file is useful when troubleshooting a number of issues because the process captures a record of system memory at the time of a crash. +A manual kernel or complete memory dump file is useful when you troubleshoot several issues because the process captures a record of system memory at the time of a crash. ## Set up page files @@ -28,27 +28,27 @@ You must be logged on as an administrator or a member of the Administrators grou To enable memory dump setting, follow these steps: -1. In **Control Panel**, click **System and Security** -> **System**, or click **System** directly if control panel is viewed by icons. +1. In **Control Panel**, select **System and Security** > **System**. -2. Click **Advanced system settings**, and then click the **Advanced** tab. +2. Select **Advanced system settings**, and then select the **Advanced** tab. -3. Under **Startup and Recovery**, click **Settings**. +3. In the **Startup and Recovery** area, select **Settings**. 4. Make sure that **Kernel memory dump** or **Complete memory dump** is selected under **Writing Debugging Information**. 5. Restart the computer. >[!Note] -> You can change the dump file path by edit the **Dump file** field. In other words, you can change the path from %SystemRoot%\Memory.dmp to point to a local drive that has enough disk space, such as E:\Memory.dmp. +>You can change the dump file path by edit the **Dump file** field. In other words, you can change the path from %SystemRoot%\Memory.dmp to point to a local drive that has enough disk space, such as E:\Memory.dmp. -### Tips for memory dump +### Tips to generate memory dumps -When computer crashes and restarts, the contents of physical RAM are written to the paging file that is located on the partition on which the operating system is installed. +When the computer crashes and restarts, the contents of physical RAM are written to the paging file that is located on the partition on which the operating system is installed. -Depending on the speed of the hard drive on which Windows is installed, dumping more than 2 gigabytes (GB) of memory may take a long time. Even in a best case scenario, where the dump file is configured to reside on another local hard drive, there will be a significant amount of data being read and written to the hard drives. This can cause a prolonged server outage. +Depending on the speed of the hard disk on which Windows is installed, dumping more than 2 gigabytes (GB) of memory may take a long time. Even in a best case scenario, if the dump file is configured to reside on another local hard drive, a significant amount of data will be read and written to the hard disks. This can cause a prolonged server outage. >[!Note] ->Use this method to generate complete memory dump files with caution. Ideally, you should only do this only when you are explicitly requested to by the Microsoft Customer Support Services Engineer. Any kernel or complete memory dump file debugging should be the last resort when all the standard troubleshooting methods have been completely exhausted. +>Use this method to generate complete memory dump files with caution. Ideally, you should do this only when you are explicitly requested to by the Microsoft Support engineer. Any kernel or complete memory dump file debugging should be the last resort after all standard troubleshooting methods have been completely exhausted. ## Manually generate a memory dump file @@ -58,7 +58,7 @@ If you can log on while the problem is occurring, you can use the Microsoft Sysi 1. Download the [NotMyFault](https://download.sysinternals.com/files/NotMyFault.zip) tool. -2. Click **Start**, and then click **Command Prompt**. +2. Select **Start**, and then select **Command Prompt**. 3. At the command line, run the following command: ```cmd @@ -66,7 +66,7 @@ If you can log on while the problem is occurring, you can use the Microsoft Sysi ``` >[!Note] ->This operation generates a memory dump file and a D1 stop error. +>This operation generates a memory dump file and a D1 Stop error. ### Use NMI @@ -86,13 +86,13 @@ To do this, follow these steps: 3. Type NMICrashDump, and then press Enter. -4. Right-click **NMICrashDump**, and then click **Modify**. +4. Right-click **NMICrashDump**, and then select **Modify**. -5. In the **Value data** box, type 1, and then click **OK**. +5. In the **Value data** box, type **1**, and then select **OK**. 6. Restart the computer. -7. Hardware vendors, such as HP, IBM, and Dell, may provide an Automatic System Recovery (ASR) feature. You should disable this feature during troubleshooting. For example, if HP and Compaq's ASR feature is enabled in the BIOS, disable this feature while you are troubleshooting to generate a complete memory.dmp file. For the exact steps, contact your hardware vendor. +7. Hardware vendors, such as HP, IBM, and Dell, may provide an Automatic System Recovery (ASR) feature. You should disable this feature during troubleshooting. For example, if the HP and Compaq ASR feature is enabled in the BIOS, disable this feature while you troubleshoot to generate a complete Memory.dmp file. For the exact steps, contact your hardware vendor. 8. Enable the NMI switch in the BIOS or by using the Integrated Lights Out (iLO) Web interface. @@ -108,3 +108,4 @@ To do this, follow these steps: ### Use Debugger [Forcing a System Crash from the Debugger](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/forcing-a-system-crash-from-the-debugger) + diff --git a/windows/client-management/introduction-of-page-file.md b/windows/client-management/introduction-page-file.md similarity index 80% rename from windows/client-management/introduction-of-page-file.md rename to windows/client-management/introduction-page-file.md index ebab8b0352..747ac0b22a 100644 --- a/windows/client-management/introduction-of-page-file.md +++ b/windows/client-management/introduction-page-file.md @@ -12,13 +12,13 @@ ms.reviewer: manager: dcscontentpm --- -# Introduction to the page file +# Introduction to page files A page file (also known as a "paging file") is an optional, hidden system file on a hard disk. ## Functionality -Page files have the following functionalities: +Page files have the following functionalities. ### Physical extension of RAM @@ -30,7 +30,7 @@ Some products or services require a page file for various reasons. For specific For example, the following Windows servers requires page files: -- Windows Server domain controllers +- Windows Server domain controllers (DCs) - DFS Replication (DFS-R) servers @@ -44,7 +44,7 @@ For Windows Server 2012 Hyper-V and Windows Server 2012 R2 Hyper-V, the page fil ### Support for system crash dumps -Page files can be used to "back" (or support) system crash dumps and extend how much system-committed memory (also known as “virtual memory”) a system can back. +Page files can be used to "back" (or support) system crash dumps and extend how much system-committed memory (also known as “virtual memory”) a system can support. For more information about system crash dumps, see [system crash dump options](system-failure-recovery-options.md#under-write-debugging-information). @@ -56,19 +56,19 @@ However, the reason to configure the page file size has not changed. It has alwa ## System committed memory -Page files extend how much "Committed memory" (also known as "Virtual Memory") is used to store modified data. +Page files extend how much "committed memory" (also known as "virtual memory") is used to store modified data. The system commit memory limit is the sum of physical memory and all page files combined. It represents the maximum system-committed memory (also known as the "system commit charge") that the system can support. -![Task manager](images/task-manager.png) +![Task manager](media/task-manager.png) The system commit charge is the total committed or "promised" memory of all committed virtual memory in the system. If the system commit charge reaches the system commit limit, the system and processes might not get committed memory. This condition can cause freezing, crashing, and other malfunctions. Therefore, make sure that you set the system commit limit high enough to support the system commit charge during peak usage. -![Out of memory](images/out-of-memory.png) +![Out of memory](media/out-of-memory.png) -![Task manager](images/task-manager-commit.png) +![Task Manager](media/task-manager-commit.png) -The system committed charge and system committed limit can be measured on the Performance tab in Task Manager or by using the "\Memory\Committed Bytes" and "\Memory\Commit Limit" performance counters. The \Memory\% Committed Bytes In Use counter is a ratio of \Memory\Committed Bytes to \Memory\Commit Limit values. +The system committed charge and system committed limit can be measured on the **Performance** tab in Task Manager or by using the "\Memory\Committed Bytes" and "\Memory\Commit Limit" performance counters. The \Memory\% Committed Bytes In Use counter is a ratio of \Memory\Committed Bytes to \Memory\Commit Limit values. >[!Note] ->System-managed page files automatically grow up to three times physical memory or 4 GB (whichever is larger) when the system commit charge reaches 90 percent of the system commit limit. This assumes that enough free disk space is available to accommodate the growth. +>System-managed page files automatically grow up to three times the physical memory or 4 GB (whichever is larger) when the system commit charge reaches 90 percent of the system commit limit. This assumes that enough free disk space is available to accommodate the growth. diff --git a/windows/client-management/system-failure-recovery-options.md b/windows/client-management/system-failure-recovery-options.md index d2164150e4..04dcbbafc9 100644 --- a/windows/client-management/system-failure-recovery-options.md +++ b/windows/client-management/system-failure-recovery-options.md @@ -14,45 +14,45 @@ manager: dcscontentpm # Configure system failure and recovery options in Windows -This article introduces on how to configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or stop error) occurs. You can configure the following actions: +This article describes how to configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or Stop error) occurs. You can configure the following actions: - Write an event to the System log. - Alert administrators (if you have set up administrative alerts). -- Put system memory in a file that advanced users can use for debugging. +- Put system memory into a file that advanced users can use for debugging. - Automatically restart the computer. >[!Note] > You must be logged on as an administrator or a member of the Administrators group to complete this procedure. If your computer is connected to a network, network policy settings may prevent you from completing this procedure. -## Configuring System Failure and Recovery Options +## Configuring system failure and recovery options > [!IMPORTANT] > Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur. -The options are available in the Startup and Recovery. You can also use the following methods: +The options are available in the **Startup and Recovery** dialog box. You can also use the following methods: -- Modify the values under the following registry key +- Modify the values under the following registry subkey: **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl** -- To modify the option on your local computer, use the command-line utility (Wmic.exe) to access Windows Management Instrumentation (WMI). +- To modify the option on your local computer, use the command line utility (Wmic.exe) to access Windows Management Instrumentation (WMI). -Follow these steps to view the options in Startup and Recovery. The registry value and wmic commands are also listed for each option: +Follow these steps to view the options in **Startup and Recovery**. (The registry value and Wmic commands are also listed for each option.) -1. In Control Panel, click System and Security -> System, or click System directly if control panel is viewed by icons. +1. In Control Panel, select **System and Security > System**. -2. Click Advanced system settings, click the Advanced tab, under Startup and Recovery, and then click Settings. +2. Select **Advanced system settings**, select the **Advanced** tab, and select **Settings** in the **Startup and Recovery** area. ### Under "System failure" -Click to select the check boxes for the actions that you want Windows to perform when a system error occurs. +Select the check boxes for the actions that you want Windows to perform when a system error occurs. #### Write an event to the System log -The option specifies that event information is recorded in the System log. By default, this option is turned on. +This option specifies that event information is recorded in the System log. By default, this option is turned on. To turn off this option, run the following command or modify the registry value: @@ -76,7 +76,7 @@ To turn off this option, run the following command or modify the registry value: #### Automatically restart -The option specifies that Windows automatically restarts your computer. By default, this option is enabled. +The option specifies that Windows automatically restarts your computer. By default, this option is turned on. To turn off this option, run the following command or modify the registry value: @@ -88,7 +88,7 @@ To turn off this option, run the following command or modify the registry value: ### Under "Write debugging information" -Select the type of information that you want Windows to record in a memory dump file if the computer stops unexpectedly: +Select one of the following type of information that you want Windows to record in a memory dump file if the computer stops unexpectedly: #### (none) @@ -103,7 +103,7 @@ To specify that you do not want Windows to record information in a memory dump f #### Small Memory Dump -The option records the smallest amount of information to help identify the problem. This option requires a paging file of at least 2 megabytes (MB) on the boot volume of your computer and specifies that Windows will create a new file each time the system stops unexpectedly. A history of these files is stored in the folder that is listed under Small Dump Directory (%SystemRoot%\Minidump). In Windows XP and Windows Server 2003, the small memory dump file is used with the Windows Error Reporting feature. +The option records the smallest amount of information to help identify the problem. This option requires a paging file of at least 2 megabytes (MB) on the boot volume of your computer, and specifies that Windows will create a new file each time the system stops unexpectedly. A history of these files is stored in the folder that is listed under Small Dump Directory (%SystemRoot%\Minidump). In Windows XP and Windows Server 2003, the small memory dump file is used together with the Windows Error Reporting feature. To specify that you want to use a small memory dump file, run the following command or modify the registry value: @@ -123,7 +123,7 @@ To specify that you want to use a folder as your Small Dump Directory, run the f #### Kernel Memory Dump -The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the Overwrite any existing file check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer (although the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB; on a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB). The following table contains guidelines for the size of the paging file: +The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the **Overwrite any existing file** check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer However, the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB. On a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB. The following table provides guidelines for the size of the paging file: |RAM size |Paging file should be no smaller than| |-------|-----------------| @@ -156,9 +156,9 @@ To specify that you do not want to overwrite any previous kernel or complete mem #### Complete Memory Dump -The option records the contents of system memory when the computer stops unexpectedly. This option is not available on computers with 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default. +The option records the contents of system memory when the computer stops unexpectedly. This option is not available on computers that have 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default. -The extra MB is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information does not require a full MB of space, but Windows sizes your paging file in increments of MBs. +The extra megabyte is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information does not require a full megabyte of space, but Windows sizes your paging file in increments of megabytes. To specify that you want to use a complete memory dump file, run the following command or modify the registry value: @@ -185,25 +185,21 @@ To specify that you do not want to overwrite any previous kernel or complete mem - Set the **Overwrite** DWORD value to **0**. >[!Note] ->If you contact Microsoft Product Support Services about a stop error, you might be asked for the memory dump file that is generated by the Write Debugging Information option. +>If you contact Microsoft Support about a Stop error, you might be asked for the memory dump file that is generated by the Write Debugging Information option. -To view system failure and recovery settings for your local computer, type `wmic recoveros` at a command prompt, and then press Enter. To view system failure and recovery settings for a remote computer on your local area network, type `wmic /node: recoveros` at a command prompt, and then press Enter. +To view system failure and recovery settings for your local computer, type **wmic recoveros** at a command prompt, and then press Enter. To view system failure and recovery settings for a remote computer on your local area network, type **wmic /node: recoveros** at a command prompt, and then press Enter. >[!Note] ->To successfully use these Wmic.exe command line examples, you must be logged on by using a user account that has administrative rights on the computer. If you are not logged on by using a user account that has administrative rights on the computer, use the `/user:user_name` and `/password:password` switches. +>To successfully use these Wmic.exe command line examples, you must be logged on by using a user account that has administrative rights on the computer. If you are not logged on by using a user account that has administrative rights on the computer, use the **/user:user_name** and **/password:password** switches. ### Tips - To take advantage of the dump file feature, your paging file must be on the boot volume. If you have moved the paging file to another volume, you must move it back to the boot volume before you use this feature. -- If you set the Kernel Memory Dump or the -Complete Memory Dump option, and you select the -Overwrite any existing file check box, Windows always writes to the same file name. To save individual dump files, click to clear the -Overwrite any existing file check box, and then change the file name after each stop error. +- If you set the Kernel Memory Dump or the Complete Memory Dump option, and you select the **Overwrite any existing file** check box, Windows always writes to the same file name. To save individual dump files, click to clear the **Overwrite any existing file** check box, and then change the file name after each Stop error. -- You can save some memory if you click to clear the -Write an event to the system log and Send an administrative alert check boxes. The memory that you save depends on the computer, but these features typically require about 60 to 70 KB. +- You can save some memory if you click to clear the **Write an event to the system log** and **Send an administrative alert** check boxes. The memory that you save depends on the computer, but these features typically require about 60 to 70 KB. -## Reference +## References [Varieties of Kernel-Mode Dump Files](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/varieties-of-kernel-mode-dump-files) diff --git a/windows/client-management/troubleshoot-windows-startup.md b/windows/client-management/troubleshoot-windows-startup.md index 604a4e0c3a..70bda5a8f5 100644 --- a/windows/client-management/troubleshoot-windows-startup.md +++ b/windows/client-management/troubleshoot-windows-startup.md @@ -14,29 +14,29 @@ manager: dansimp # Advanced troubleshooting for Windows start-up issues -In these topics, you will learn how to troubleshoot common problems related to Windows start-up. +In these topics, you will learn how to troubleshoot common problems that are related to Windows startup. ## How it works -When Microsoft Windows encounters a condition that compromises safe system operation, the system halts. This condition is referred as Windows start-up problems. Furthermore, it is categorized in 3 buckets. +When Microsoft Windows experiences a condition that compromises safe system operation, the system halts. These Windows startup problems are categorized in the following groups: -- Bug check: It is also commonly referred to as a system crash, a kernel error, or a stop error. +- Bug check: Also commonly known as a system crash, a kernel error, or a Stop error. -- No Boot: Here the system may not produce a bug check but is unable to boot into Windows. +- No boot: The system may not produce a bug check but is unable to start up into Windows. -- Freeze: Also known as System Hang where +- Freeze: Also known as "system hang". -## Best Practices +## Best practices -To understand the underlaying cause of that lead to Windows start-up issues, it is important that the system is configured properly. Here are some best practices: +To understand the underlying cause of Windows startup problems, it's important that the system be configured correctly. Here are some best practices for configuration: ### Page file settings -- [Introduction to the page file](introduction-of-page-file.md) +- [Introduction of page file](introduction-page-file.md) - [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md) -### Memory Dump settings +### Memory dump settings - [Configure system failure and recovery options in Windows](system-failure-recovery-options.md) @@ -44,7 +44,7 @@ To understand the underlaying cause of that lead to Windows start-up issues, it ## Troubleshooting -These articles will walk you through the resources you need to troubleshoot Windows start-up issue. +These articles will walk you through the resources you need to troubleshoot Windows startup issues: - [Advanced troubleshooting for Windows boot problems](https://docs.microsoft.com/en-us/windows/client-management/advanced-troubleshooting-boot-problems) From cdaed2d39e24d486c9c040cba87ba0a4c126ed56 Mon Sep 17 00:00:00 2001 From: "Alton(ius) Blom" Date: Wed, 4 Sep 2019 15:08:33 +1000 Subject: [PATCH 067/113] Update microsoft-recommended-block-rules.md updated typo in description. --- .../microsoft-recommended-block-rules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md index 6f92fd0056..8aae066fd4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md @@ -1,6 +1,6 @@ --- title: Microsoft recommended block rules (Windows 10) -description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Comntrol, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies. +description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Control, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies. keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy From 2d79cbbbb3e598a2c694bf97ed1e6014647b873e Mon Sep 17 00:00:00 2001 From: Tom Henderson Date: Wed, 4 Sep 2019 17:11:13 +1200 Subject: [PATCH 068/113] Update windows/security/threat-protection/auditing/audit-token-right-adjusted.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../threat-protection/auditing/audit-token-right-adjusted.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md index 1a3e4c8136..a4fb47fef4 100644 --- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md +++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md @@ -12,7 +12,7 @@ description: This topic for the IT professional describes the Advanced Security Audit Token Right Adjusted allows you to audit events generated by adjusting the privileges of a token. -For more information, see [Security Monitoring: A Possible New Way to Detect Privilege Escalation](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/) +For more information, see [Security Monitoring: A Possible New Way to Detect Privilege Escalation](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/). | Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments | |-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| From 316820791b6a332eaf798480eb40b452f69eddd4 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Wed, 4 Sep 2019 16:06:52 +0300 Subject: [PATCH 069/113] note ragarding Company Portal change https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3843 info found here: https://blogs.technet.microsoft.com/cbernier/2018/03/08/windows-information-protection-adding-the-intune-company-portal-for-windows-as-an-exempt-app/ --- .../enlightened-microsoft-apps-and-wip.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index 5ee54b85a9..3417119d1a 100644 --- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -82,6 +82,10 @@ Microsoft still has apps that are unenlightened, but which have been tested and - Skype for Business ## Adding enlightened Microsoft apps to the allowed apps list + +>[!NOTE] +>As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps. + You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and System Center Configuration Manager. From 41fe70518ee0ba9f549001a3d955662f4d1b37ba Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Wed, 4 Sep 2019 10:08:17 -0700 Subject: [PATCH 070/113] Update microsoft-defender-atp-mac-install-with-intune.md --- .../microsoft-defender-atp-mac-install-with-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 2f1cc97a92..21be43c179 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -170,7 +170,7 @@ Once the Intune changes are propagated to the enrolled devices, you can see them Issue: No license found -Solution: Follow steps above to create a device profile using WindowsDefenderATPOnboarding.xml +Solution: Follow the steps above to create a device profile using WindowsDefenderATPOnboarding.xml ## Logging installation issues From d61a15591a876de7ea4122f27f826dd572f12d71 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Wed, 4 Sep 2019 11:17:04 -0700 Subject: [PATCH 071/113] Update manage-surface-pro-3-firmware-updates.md --- .../manage-surface-pro-3-firmware-updates.md | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/devices/surface/manage-surface-pro-3-firmware-updates.md b/devices/surface/manage-surface-pro-3-firmware-updates.md index 0913c4266d..e37749103c 100644 --- a/devices/surface/manage-surface-pro-3-firmware-updates.md +++ b/devices/surface/manage-surface-pro-3-firmware-updates.md @@ -62,16 +62,3 @@ The individual driver files are also made available in the Microsoft Download Ce **Windows PE and Surface firmware and drivers** A best practice for deployment with any solution that uses the Windows Preinstallation Environment (WinPE), such as System Center Configuration Manager or MDT, is to configure WinPE with only the drivers that are required during the WinPE stage of deployment. These usually include drivers for network adapters and storage controllers. This best practice helps to prevent errors with more complex drivers that rely on components that are not present in WinPE. For Surface Pro 3 devices, this is especially true of the Touch Firmware. The Touch Firmware should never be loaded in a WinPE environment on Surface Pro 3. - -**Update Surface Pro 3 firmware offline through USB** - -In some early versions of Surface Pro 3 firmware, PXE boot performance can be quite slow. This has been resolved with updated firmware, but for organizations where firmware will be updated through operating system deployment, this issue is encountered before the updates can be deployed to the device. In this scenario, you can deploy updated firmware through a USB drive to ensure that when the operating system deployment is initiated, the network boot is quick, and deployment can complete in a timely fashion. To create a USB drive to update Surface Pro 3 firmware, see [How to Update the Surface Pro 3 Firmware Offline using a USB Drive](https://blogs.technet.microsoft.com/askpfeplat/2014/10/19/how-to-update-the-surface-pro-3-firmware-offline-using-a-usb-drive/) on the Ask Premier Field Engineering (PFE) Platforms TechNet Blog. - -  - -  - - - - - From 1f0df824b6b7e9836f5def1e0e7cba059bbf74f0 Mon Sep 17 00:00:00 2001 From: illfated Date: Wed, 4 Sep 2019 21:25:41 +0200 Subject: [PATCH 072/113] Microsoft Defender ATP: amend copy-paste error When using Microsoft Intune as part of the Defender ATP setup, it will become necessary to configure some controlled folder access. This bug looks like it could have been transferred from one of the other pages during editing, but I could not locate it easily enough. Anyway, the correct part of this step is to refer to -- Controlled folder access -- exactly as the page name points to. Thanks to jcampos79 for discovering this text-based bug. Closes #4854 --- .../microsoft-defender-atp/enable-controlled-folders.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md index a7ff6da08f..40cbdce038 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md @@ -55,7 +55,7 @@ For more information about disabling local list merging, see [Prevent or allow u > If controlled folder access is configured with Group Policy, PowerShell, or MDM CSPs, the state will change in the Windows Security app after a restart of the device. > If the feature is set to **Audit mode** with any of those tools, the Windows Security app will show the state as **Off**. ->If you are protecting user profile data, we recommend that the user profile should be on the default Windows installation drive. +> If you are protecting user profile data, we recommend that the user profile should be on the default Windows installation drive. ## Intune @@ -63,7 +63,7 @@ For more information about disabling local list merging, see [Prevent or allow u 1. Click **Device configuration** > **Profiles** > **Create profile**. 1. Name the profile, choose **Windows 10 and later** and **Endpoint protection**. ![Create endpoint protection profile](../images/create-endpoint-protection-profile.png) -1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**. +1. Click **Configure** > **Windows Defender Exploit Guard** > **Controlled folder access** > **Enable**. 1. Type the path to each application that has access to protected folders and the path to any additional folder that needs protection and click **Add**. ![Enable controlled folder access in Intune](../images/enable-cfa-intune.png) From a1c744a1db5968834e2177f84313a9f232cea898 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Wed, 4 Sep 2019 12:38:16 -0700 Subject: [PATCH 073/113] Update surface-hub-2s-connect.md --- devices/surface-hub/surface-hub-2s-connect.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md index d3a17d2848..065c6d4b0a 100644 --- a/devices/surface-hub/surface-hub-2s-connect.md +++ b/devices/surface-hub/surface-hub-2s-connect.md @@ -23,11 +23,10 @@ You can display content from your devices to Surface Hub 2S. If the source devic ## Recommended wired configurations -In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. +In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. Some configuration may be required to optimize the video-out experience; refer to the section below: [Mirroring Surface Hub 2S display on another device](#). | **Connection** | **Functionality** | **Description**| | --- | --- | ---| -| USB-C
(via compute module) | Video-in
Video-out
Audio-in
Audio-out

TouchBack and InkBack | Provides video, audio, and TouchBack/InkBack on a single cable.

**NOTE:** Some configuration is required to optimize the video-out experience. Refer to the section below: [Mirroring Surface Hub 2S display on another device](#). | | HDMI + USB-C | HDMI-in for audio and video

USB-C for TouchBack and InkBack | USB-C supports TouchBack and InkBack with the HDMI A/V connection.

Use USB-C to USB-A to connect to legacy computers.

**NOTE:** For best results, connect HDMI before connecting a USB-C cable. If the computer you're using for HDMI is not compatible with TouchBack and InkBack, you won't need a USB-C cable. | | USB-C
(via compute module) | Video-in
Audio-in | Single cable needed for A/V

TouchBack and InkBack not supported

HDCP enabled | | HDMI (in port) | Video, Audio into Surface Hub 2S | Single cable needed for A/V

TouchBack and InkBack not supported

HDCP enabled | From 38375932c78d799e8ec553a5568e87ca41280e9d Mon Sep 17 00:00:00 2001 From: Derek Granito Date: Wed, 4 Sep 2019 13:32:42 -0700 Subject: [PATCH 074/113] Updated how to disable HVCI Prior guidance to disable HVCI was outdated --- ...le-virtualization-based-protection-of-code-integrity.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 91f7206e6d..384885c6d6 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -274,9 +274,12 @@ B. If you experience software or device malfunction after using the above proced C. If you experience a critical error during boot or your system is unstable after using the above procedure to turn on HVCI, you can recover using the Windows Recovery Environment (Windows RE). To boot to Windows RE, see [Windows RE Technical Reference](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference). After logging in to Windows RE, you can turn off HVCI by renaming or deleting the SIPolicy.p7b file from the file location in step 3 above and then restart your device. -## How to turn off HVCI on the Windows 10 Fall Creators Update +## How to turn off HVCI -1. Rename or delete the SIPolicy.p7b file located at C:\Windows\System32\CodeIntegrity. +1. Run the following command from an elevated prompt to set the HVCI registry key to off +``` command +reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f +``` 2. Restart the device. 3. To confirm HVCI has been successfully disabled, open System Information and check **Virtualization-based security Services Running**, which should now have no value displayed. From 019fb11c5f0edec8b22dfce4ed8e63c2169613cb Mon Sep 17 00:00:00 2001 From: Derek Granito Date: Wed, 4 Sep 2019 16:39:29 -0700 Subject: [PATCH 075/113] Update windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../enable-virtualization-based-protection-of-code-integrity.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 384885c6d6..1edd7842a6 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -277,7 +277,7 @@ C. If you experience a critical error during boot or your system is unstable aft ## How to turn off HVCI 1. Run the following command from an elevated prompt to set the HVCI registry key to off -``` command +```ini reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f ``` 2. Restart the device. From e0a346aebb3b172bc54e1a832ac9556118003a82 Mon Sep 17 00:00:00 2001 From: Toby Tu Date: Thu, 5 Sep 2019 11:11:03 +0800 Subject: [PATCH 076/113] update content of upgrade mbam2.5 sp1 --- mdop/mbam-v25/upgrade-mbam2.5-sp1.md | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md index 51719e8cbe..18e3f0554a 100644 --- a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md +++ b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md @@ -28,23 +28,39 @@ In this guide, we will use a two-server configuration. One server will be a data 1. Identify the MBAM application pool service account that's used by IIS web servers to read and write data to MBAM databases. 2. Identify the groups that are used during the MBAM web features configuration and the reports web service URL. -3. Identify the SQL Server name and instance name. +3. Identify the SQL Server name and instance name. Watch this video to learn more. + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ANP1] -4. Identify the SQL Server Reporting Services Account that's used for reading compliance data from the Compliance and Audit database. + +4. Identify the SQL Server Reporting Services Account that's used for reading compliance data from the Compliance and Audit database. Watch this video to learn more. + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALdZ] ## Upgrade the MBAM infrastructure to the latest version available +MBAM Server infrastructure installation or upgrade is always performed in the order listed below: + +- SQL Server Database Engine: Databases +- SQL Server Reporting Services: Reports +- Web Server: Web Applications +- SCCM Server: SCCM Integrated Reports if applicable +- Clients: MBAM Agent or Client Update +- Group Policy Templates: Update the existing Group Policy with new templates and enable new settings on existing MBAM Group Policy + > [!NOTE] > We recommend that you create a full database backup of the MBAM databases before you run the upgrades. -### Upgrade the MBAM SQL Server server +### Upgrade the MBAM SQL Server -> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALew] +Watch this video to learn how to upgrade the MBAM SQL Server: -### Upgrade the MBAM web server + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALew] -> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALex] +### Upgrade the MBAM Web Server + +Watch this video to learn how to upgrade the MBAM Web Server: + + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALex] ## More information From e9c02d4d385d4fbe2e892bfda54d5100ecf59461 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Thu, 5 Sep 2019 10:39:32 +0500 Subject: [PATCH 077/113] Removed bullet Removed bullet as it was not making any sense. --- .../recommended-network-definitions-for-wip.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md index 80814f122c..892ae14cb1 100644 --- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -35,7 +35,7 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc |-----------------------------|---------------------------------------------------------------------| |Office 365 for Business |
  • contoso.sharepoint.com
  • contoso-my.sharepoint.com
  • contoso-files.sharepoint.com
  • tasks.office.com
  • protection.office.com
  • meet.lync.com
  • teams.microsoft.com
| |Yammer |
  • www.yammer.com
  • yammer.com
  • persona.yammer.com
| -|Outlook Web Access (OWA) |
  • attachments.office.net
| +|Outlook Web Access (OWA) |
    attachments.office.net
| |Microsoft Dynamics |contoso.crm.dynamics.com | |Visual Studio Online |contoso.visualstudio.com | |Power BI |contoso.powerbi.com | From 02bc6ad266e2ec3f5b9d24f54749111f2d946feb Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Thu, 5 Sep 2019 10:40:43 +0500 Subject: [PATCH 078/113] format setting a minor format setting --- .../recommended-network-definitions-for-wip.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md index 892ae14cb1..fab8cb5a31 100644 --- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -35,7 +35,7 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc |-----------------------------|---------------------------------------------------------------------| |Office 365 for Business |
  • contoso.sharepoint.com
  • contoso-my.sharepoint.com
  • contoso-files.sharepoint.com
  • tasks.office.com
  • protection.office.com
  • meet.lync.com
  • teams.microsoft.com
| |Yammer |
  • www.yammer.com
  • yammer.com
  • persona.yammer.com
| -|Outlook Web Access (OWA) |
    attachments.office.net
| +|Outlook Web Access (OWA) |attachments.office.net | |Microsoft Dynamics |contoso.crm.dynamics.com | |Visual Studio Online |contoso.visualstudio.com | |Power BI |contoso.powerbi.com | From 3d1d43ab67292626290b9493faf7db2b83ebb6b8 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Thu, 5 Sep 2019 10:14:01 +0300 Subject: [PATCH 079/113] Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../enlightened-microsoft-apps-and-wip.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index 3417119d1a..e93deb6f24 100644 --- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -84,7 +84,7 @@ Microsoft still has apps that are unenlightened, but which have been tested and ## Adding enlightened Microsoft apps to the allowed apps list >[!NOTE] ->As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps. +> As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps. You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and System Center Configuration Manager. From 2541efab6ecdaabf209249ca66079e66b68880df Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Thu, 5 Sep 2019 10:14:11 +0300 Subject: [PATCH 080/113] Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../enlightened-microsoft-apps-and-wip.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index e93deb6f24..6ae66b3225 100644 --- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -83,7 +83,7 @@ Microsoft still has apps that are unenlightened, but which have been tested and ## Adding enlightened Microsoft apps to the allowed apps list ->[!NOTE] +> [!NOTE] > As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps. You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and System Center Configuration Manager. From 8d9a0603f4299ad8d2b3205f76957603c71a8c2c Mon Sep 17 00:00:00 2001 From: Jan Kulbe Date: Thu, 5 Sep 2019 12:53:35 +0200 Subject: [PATCH 081/113] sample script syntax error due to ASCII codes for quotes sample script filter syntax contained ASCII codes for single quotes instead of actual quotes, causing the Get-CimInstance commands to error out. --- ...-scripting-with-the-wmi-bridge-provider.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md index 300711d733..5bdd2eaf0f 100644 --- a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md +++ b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md @@ -50,17 +50,17 @@ New-CimInstance -Namespace $namespaceName -ClassName $className -Property @{Pare Get-CimInstance -Namespace $namespaceName -ClassName $className # Query instances with matching properties -Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" +Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" # Modify existing instance -$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" +$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" $obj.WLANScanMode=500 Set-CimInstance -CimInstance $obj # Delete existing instance try { - $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" + $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" Remove-CimInstance -CimInstance $obj } catch [Exception] @@ -113,9 +113,9 @@ $session = New-CimSession # Create a new instance for MDM_Policy_User_Config01_Authentication02 ########################################################################## $newInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $newInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $newInstance.CimInstanceProperties.Add($property) $property = [Microsoft.Management.Infrastructure.CimProperty]::Create("AllowEAPCertSSO", 1, "Sint32", "Property") $newInstance.CimInstanceProperties.Add($property) @@ -138,9 +138,9 @@ $session.EnumerateInstances($namespaceName, $className, $options) # with matching properties ########################################################################## $getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $getInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $getInstance.CimInstanceProperties.Add($property) try { @@ -155,9 +155,9 @@ catch [Exception] # Modify existing instance for MDM_Policy_User_Config01_Authentication02 ########################################################################## $getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $getInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $getInstance.CimInstanceProperties.Add($property) try { @@ -174,9 +174,9 @@ catch [Exception] # Delete existing instance for MDM_Policy_User_Config01_Authentication02 ########################################################################## $getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $getInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $getInstance.CimInstanceProperties.Add($property) try { @@ -209,7 +209,7 @@ $params.Add($param) try { - $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'" + $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'" $session.InvokeMethod($namespaceName, $instance, $methodName, $params) } catch [Exception] From e743b8bace2561b310eb157fcca31bee61d8be4b Mon Sep 17 00:00:00 2001 From: illfated Date: Thu, 5 Sep 2019 20:57:16 +0200 Subject: [PATCH 082/113] Update how-windows-update-works.md: amend typo Simple typo correction, along with a few MarkDown codestyle corrections for MD blockquote (`>`) indenting. - typo correction: initates -> initiates - codestyle corrections: 3 MarkDown blockquote indentations amended Thanks to Jessie Gouw (jessiegouw) for reporting the typo. Closes #4866 --- .../deployment/update/how-windows-update-works.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/deployment/update/how-windows-update-works.md b/windows/deployment/update/how-windows-update-works.md index 0cce8e0389..e71e615d1f 100644 --- a/windows/deployment/update/how-windows-update-works.md +++ b/windows/deployment/update/how-windows-update-works.md @@ -16,7 +16,7 @@ ms.topic: article # How does Windows Update work? ->Applies to: Windows 10 +> Applies to: Windows 10 The Windows Update workflow has four core areas of functionality: @@ -35,7 +35,7 @@ The Windows Update workflow has four core areas of functionality: ### Install -1. Orchestrator initates the installation. +1. Orchestrator initiates the installation. 2. The arbiter calls the installer to install the package. @@ -96,8 +96,8 @@ When users start scanning in Windows Update through the Settings panel, the foll ![Windows Update scan log 2](images/update-scan-log-2.png) - Common service IDs - >[!IMPORTANT] - >ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to, it's totally controlled by the SLS responses. + > [!IMPORTANT] + > ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to, it's totally controlled by the SLS responses. |Service|ServiceId| |-------|---------| @@ -116,8 +116,8 @@ Common update failure is caused due to network issues. To find the root of the i - "SOAP faults" can be either client- or server-side issues; read the message. - The WU client uses SLS (Service Locator Service) to discover the configurations and endpoints of Microsoft network update sources – WU, MU, Flighting. - >[!NOTE] - >Warning messages for SLS can be ignored if the search is against WSUS/SCCM. + > [!NOTE] + > Warning messages for SLS can be ignored if the search is against WSUS/SCCM. - On sites that only use WSUS/SCCM, the SLS may be blocked at the firewall. In this case the SLS request will fail, and can’t scan against Windows Update or Microsoft Update but can still scan against WSUS/SCCM, since it’s locally configured. ![Windows Update scan log 3](images/update-scan-log-3.png) From 9a9d64ebaada1329a28cd248881cab9a088eaeba Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 6 Sep 2019 07:56:11 -0700 Subject: [PATCH 083/113] Updates per support requests --- devices/surface-hub/surface-hub-2s-connect.md | 2 +- .../surface-hub/whiteboard-collaboration.md | 60 +++++++++---------- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md index 065c6d4b0a..500be048ca 100644 --- a/devices/surface-hub/surface-hub-2s-connect.md +++ b/devices/surface-hub/surface-hub-2s-connect.md @@ -67,7 +67,7 @@ You can input video to Surface Hub 2S using USB-C or HDMI, as indicated in the f ## Mirroring Surface Hub 2S display on another device -You can output video to another display using either USB-C or MiniDP, as indicated in the following table. +You can output video to another display using MiniDP, as indicated in the following table. ### Surface Hub 2S video-out settings diff --git a/devices/surface-hub/whiteboard-collaboration.md b/devices/surface-hub/whiteboard-collaboration.md index e921c71e09..c5e5a979bf 100644 --- a/devices/surface-hub/whiteboard-collaboration.md +++ b/devices/surface-hub/whiteboard-collaboration.md @@ -14,55 +14,55 @@ ms.localizationpriority: medium # Set up and use Microsoft Whiteboard +# Set up and use Microsoft Whiteboard +The Microsoft Whiteboard app includes the capability for Surface Hubs and other devices to collaborate in real time on the same board. ->[!IMPORTANT] ->A new Microsoft Whiteboard app was released on July 12, 2018. The existing Whiteboard app that comes installed on Surface Hub and is pinned to the Welcome screen has been renamed **Microsoft Whiteboard 2016**. Microsoft Whiteboard 2016 will be automatically upgraded by May 21, 2019, and the collaboration service for the legacy app will stop functioning after June 7, 2019. For more details, see [Enable Microsoft Whiteboard on Surface Hub](https://support.office.com/article/enable-microsoft-whiteboard-on-surface-hub-b5df4539-f735-42ff-b22a-0f5e21be7627?ui=en-US&rs=en-US&ad=US). +## Prerequisites -The Microsoft Whiteboard app includes the capability for two Surface Hubs to collaborate in real time on the same board. +To use whiteboard collaboration complete the following actions: -By ensuring that your organization meets the prerequisites, users can then ink, collaborate, and ideate together. +- Add Whiteboard.ms, whiteboard.microsoft.com, and wbd.ms to your list of allowed sites. +- Open port: **HTTPS: 443** (normally configured when you first run Surface Hub.) -![example of a whiteboard with collaborative inking](images/wb-collab-example.png) +## Office 365 requirements -## Prerequisites for Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016) +- Whiteboard collaboration is only supported in the Office 365 commercial environment and requires Office 365 with cloud-based Azure Active Directory (Azure AD). +- You can only run collaborative sessions among users belonging to the same Office 365 tenant. +- Office 365 Germany or Office 365 operated by 21Vianet do not support whiteboard collaboration. -To get Whiteboard to Whiteboard collaboration up and running, you’ll need to make sure your organization meets the following requirements: - -- Office 365 with cloud-based Azure Active Directory (Azure AD) for all users -- OneDrive for Business deployed for all users who intend to collaborate -- Currently not utilizing Office 365 Germany or Office 365 operated by 21Vianet -- Surface Hub needs to be updated to Windows 10, version 1607 or newer -- Port 443 needs to be open since Whiteboard makes standard https requests -- Whiteboard.ms, whiteboard.microsoft.com, wbd.ms, \*.onenote.com, and your company's SharePoint tenant domain URLs need to be whitelisted for proxies - - ->[!NOTE] ->Collaborative sessions can only take place between users within the same tenant, so users outside of your organization won’t be able to join even if they have a Surface Hub. - -## Using Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016) +## Using Whiteboard collaboration To start a collaboration session: 1. In the Whiteboard app, tap the **Sign in** button. 2. Sign in with your organization ID. 3. Tap the **Invite** button next to your name at the top of the app. -4. Tap **Start session**. Whiteboard will generate a link that you can share. +4. Write or type the names of the colleagues you wish to collaborate with. - ![screenshot of the link dialog box on whiteboard](images/wb-collab-link.png) - -5. Copy and paste this link into a Skype chat with another Surface Hub +On the other device, such as a Surface Hub, when you are signed in, the shared board will now appear in the board gallery. -When the other Surface Hub receives the link, the recipient can tap on the link, sign in to Whiteboard, and then begin collaborating. You can copy and paste other content, use smart ink features like Ink to Shape, and co-author together. - -After you’re done, you can export a copy of the Whiteboard collaboration for yourself through the Share charm and leave the board for others to continue working. - ->[!TIP] ->When you start a collaboration session, Whiteboard creates a folder named **Whiteboard App Data** in your OneDrive for Business to store your shared whiteboards. After some collaboration sessions, this folder may continue to sync or process changes indefinitely. You can fix this by choosing to not sync the **Whiteboard App Data** folder to your device. Disabling sync for this folder won't limit your ability to use Whiteboard for collaboration sessions. +### User tips +- Log in to access your whiteboards. As you work, changes are saved automatically. +- Name your whiteboards to help organize your content and find it quickly. Select the … to open the menu. Select the **Options** gear icon to access more tools and features of the Whiteboard. +- Use **Ink to shape** to turn drawing into actual shapes like circles, squares, and triangles. +- Use **Ink to table** to turn a drawn grid into a table with rows and columns. +- You can also change the background color and design from solid to grid or dots. Pick the background, then choose the color from the wheel around it. +- You can export a copy of the Whiteboard collaboration for yourself through the Share charm and leave the board for others to continue working. +> [!NOTE] +> If you are using Whiteboard and cannot sign in, you can collaborate by joining a Teams or Skype for Business meeting, and then sharing your screen. After you’re done, tap **Settings** > **Export to email** or save a copy of the board. The SVG export provides higher resolution than PNG and can be opened in a web browser. +## New features in Whiteboard +The Microsoft Whiteboard app, updated for Surface Hub on July 1, 2019 includes a host of new features including: +- **Automatic Saving** - Boards are saved to the cloud automatically when you sign in, and can be found in the board gallery. +- **Extended collaboration across devices** - You can collaborate using new apps for Windows 10 PC and iOS, and a web version for other devices. +- **Richer canvas** - In addition to ink and images, Whiteboard now includes sticky notes, text and GIFs, with more objects coming soon. +- **Intelligence** – In addition to ink to shape and table, Whiteboard now includes ink beautification to improve handwriting and ink grab to convert images to ink. +- **More color and background options** - Whiteboard now includes more pen colors and thickness options along with additional background colors and designs. +- **Teams Integration** – You can automatically launch Whiteboard from a Teams meeting and share with participants (currently in preview). ## Related topics From 048aef2bb2d7bfb826fc3c233ecca7f9e818081f Mon Sep 17 00:00:00 2001 From: jdgregson Date: Fri, 6 Sep 2019 12:42:24 -0700 Subject: [PATCH 084/113] Moved '.' syntax description to a separate table --- .../configure-wd-app-guard.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md index c39a63739c..4ec0350808 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md @@ -33,9 +33,17 @@ These settings, located at **Computer Configuration\Administrative Templates\Net |Policy name|Supported versions|Description| |-----------|------------------|-----------| |Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.| -|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: 1) Include a full domain name in the configuration, for example **www.contoso.com**, to trust only in this literal value. 2) You may optionally use "." as a wildcard character to automatically trust subdomains on only one level of the domain hierarchy that is to the left of the dot. Configuring **".constoso.com"** will automatically trust **"local.contoso.com"**, **"shop.contoso.com"**, and all other values on the left. 3) You may optionally use ".." as a wildcard character to automatically trust subdomains on all the levels of the domain hierarchy that are to the left of the dots. Configuring **"..constoso.com"** will automatically trust **"us.shop.contoso.com"**, **"trainning.contoso.com"**, and all other values on the left. | -|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment.| - +|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| +|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Notes: this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| + +## Network isolation settings wildcards + +|Value|Number of dots to the left|Meaning| +|-----|--------------------------|-------| +|contoso.com|0|Trust only the literal value of **contoso.com**.| +|www.contoso.com|0|Trust only the literal value of **www.contoso.com**.| +|.contoso.com|1|Trust any domain that ends with the text **contoso.com**. Matching sites include **spearphishingcontoso.com**, **contoso.com**, and **www.contoso.com**.| +|..contoso.com|2|Trust all levels of the domain hierarchy that are to the left of the dot. Matching sites include **shop.contoso.com**, **us.shop.contoso.com**, **www.us.shop.contoso.com**, but NOT **contoso.com** itself.| ## Application-specific settings These settings, located at **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard**, can help you to manage your company's implementation of Application Guard. From 2cb5c072a68df3079fca8e9a27ff494860d6ee5c Mon Sep 17 00:00:00 2001 From: Marty Hernandez Avedon Date: Fri, 6 Sep 2019 16:46:57 -0400 Subject: [PATCH 085/113] fixes #4760, broken table The formatting was broken because a pipe character was in the wrong place. There was also an extra row due to double spacing below the table. --- ...curity-configure-encryption-types-allowed-for-kerberos.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md index 8a376e6b4f..d3d0816760 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md @@ -35,14 +35,13 @@ The following table lists and explains the allowed encryption types. | Encryption type | Description and version support | | - | - | -| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES| by default. +| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. | | DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. | | RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function
Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2.| | AES128_HMAC_SHA1| Advanced Encryption Standard in 128 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).
Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. | | AES256_HMAC_SHA1| Advanced Encryption Standard in 256 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).
Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. | | Future encryption types| Reserved by Microsoft for additional encryption types that might be implemented.| -  - + ### Possible values From 5b96a119d9bff60076b32884643cfca4fcd5f227 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Fri, 6 Sep 2019 18:40:31 -0700 Subject: [PATCH 086/113] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190906173611 (#1061) (#1062) --- .../resolved-issues-windows-10-1607.yml | 6 +++--- .../resolved-issues-windows-10-1703.yml | 6 +++--- .../resolved-issues-windows-10-1709.yml | 6 +++--- .../resolved-issues-windows-10-1803.yml | 6 +++--- ...-issues-windows-10-1809-and-windows-server-2019.yml | 6 +++--- .../resolved-issues-windows-10-1903.yml | 10 +++++----- .../status-windows-10-1607-and-windows-server-2016.yml | 6 +++--- windows/release-information/status-windows-10-1703.yml | 6 +++--- windows/release-information/status-windows-10-1709.yml | 6 +++--- windows/release-information/status-windows-10-1803.yml | 6 +++--- .../status-windows-10-1809-and-windows-server-2019.yml | 6 +++--- windows/release-information/status-windows-10-1903.yml | 10 +++++----- 12 files changed, 40 insertions(+), 40 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 08b49123c4..6f92dbe2b1 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -32,9 +32,9 @@ sections: - type: markdown text: "
MessageDate
Resolved: Delays starting Internet Explorer 11
On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.

This issue was resolved on the server side at 1:00 pm PST. 
August 16, 2019
04:00 PM PT
Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
August 23, 2019
03:35 PM PT
Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019
The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
August 23, 2019
02:17 PM PT
Resolved: Delays starting Internet Explorer 11
On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.

This issue was resolved on the server side at 1:00 pm PST. 
August 16, 2019
04:00 PM PT
August 2019 security update now available for Windows 10, version 1903 and all supported versions of Windows
The August 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. A “B” release is the primary, regular update event for each month and is the only regular release that contains security fixes. As a result, we recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
August 13, 2019
10:00 AM PT
Advisory: Bluetooth encryption key size vulnerability disclosed (CVE-2019-9506)
On August 13, 2019, Microsoft released security updates to address a Bluetooth key length encryption vulnerability. To exploit this vulnerability, an attacker would need specialized hardware and would be limited by the signal range of the Bluetooth devices in use. For more information about this industry-wide issue, see CVE-2019-9506 | Bluetooth Encryption Key Size Vulnerability in the Microsoft Security Update Guide and important guidance for IT pros in KB4514157. (Note: we are documenting this vulnerability together with guidance for IT admins as part of a coordinated industry disclosure effort.)
August 13, 2019
10:00 AM PT
Advisory: Windows Advanced Local Procedure Call Elevation of Privilege vulnerability disclosed (CVE-2019-1162)
On August 13, 2019, Google Project Zero (GPZ) disclosed an Elevation of Privilege (EoP) vulnerability in how Windows handles calls to Advanced Local Procedure Call (ALPC) that affects Windows operating systems, versions 8.1 and higher. An attacker must already have code execution on the target system to leverage these vulnerabilities. Microsoft released security updates on August 13, 2019 that partially address this issue. Other items disclosed by GPZ require more time to address and we are working to release a resolution in mid-September. For more information, see CVE-2019-1162 | Windows ALPC Elevation of Privilege Vulnerability
August 13, 2019
10:00 AM PT
Take action: Install required updates for Windows 7 SP1 and Windows Server 2008 RS2 SP1 for SHA-2 code sign support
As of August 13, 2019, Windows 7 SP1 and Windows Server 2008 R2 SP1 updates signatures only support SHA-2 code signing. As outlined in 2019 SHA-2 Code Signing Support requirement for Windows and WSUS, we are requiring that SHA-2 code signing support be installed. If you have Windows Update enabled and have applied the security updates released in March 2019 (KB4490628) and August 2019 (KB4474419), you are protected automatically; no further configuration is necessary. If you have not installed the March 2019 updates, you will need to do so in order to continue to receive updates on devices running Windows 7 SP1 and Windows Server 2008 R2 SP1.
August 13, 2019
10:00 AM PT
Take action: Windows 10, version 1803 (the April 2018 Update) reaches end of service on November 12, 2019
Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019 for Home and Pro editions. We will begin updating devices running Windows 10, version 1803 to Windows 10, version 1903 (the May 2019 Update) starting July 16, 2019 to help ensure that these devices remain in a serviced and secure state. For more information, see the Windows 10, version 1903 section of the Windows release health dashboard.
August 13, 2019
10:00 AM PT
Advisory: Windows Kernel Information Disclosure Vulnerability (CVE-2019-1125)
On July 9, 2019, Microsoft released a security update for a Windows kernel information disclosure vulnerability (CVE-2019-1125). Customers who have Windows Update enabled and have applied the security updates released on July 9, 2019 are protected automatically; no further configuration is necessary. For more information, see CVE-2019-1125 | Windows Kernel Information Disclosure Vulnerability in the Microsoft Security Update Guide. (Note: we are documenting this mitigation publicly today, instead of back in July, as part of a coordinated industry disclosure effort.)
August 06, 2019
10:00 AM PT
Resolved August 1, 2019 16:00 PT: Microsoft Store users may encounter blank screens when clicking on certain buttons
Some customers running the version of the Microsoft Store app released on July 29, 2019 encountered a blank screen when selecting “Switch out of S mode,” “Get Genuine,” or some “Upgrade to [version]” OS upgrade options. This issue has now been resolved and a new version of the Microsoft Store app has been released. Users who encountered this issue will need to update the Microsoft Store app on their device. If you are still encountering an issue, please see Fix problems with apps from Microsoft Store.
August 01, 2019
02:00 PM PT
Reminder: Windows 10 update servicing cadence
This month we received questions about the cadence of updates we released in April and May 2019. Here's a quick recap of our releases and servicing cadence:
  • April 9, 2019 was the regular Update Tuesday release for all versions of Windows.
    • -
  • May 1, 2019 was an \"optional,\" out of band non-security update (OOB) for Windows 10, version 1809. It was released to Microsoft Catalog and WSUS, providing a critical fix for our OEM partners.
    • -
  • May 3, 2019 was the \"optional\" Windows 10, version 1809 \"C\" release for April. This update contained important Japanese era packages for commercial customers to preview. It was released later than expected and mistakenly targeted as \"required\" (instead of \"optional\") for consumers, which pushed the update out to customers and required a reboot. Within 24 hours of receiving customer reports, we corrected the targeting logic and mitigated the issue.
    • +
  • May 1, 2019 was an \\\"optional,\\\" out of band non-security update (OOB) for Windows 10, version 1809. It was released to Microsoft Catalog and WSUS, providing a critical fix for our OEM partners.
    • +
  • May 3, 2019 was the \\\"optional\\\" Windows 10, version 1809 \\\"C\\\" release for April. This update contained important Japanese era packages for commercial customers to preview. It was released later than expected and mistakenly targeted as \\\"required\\\" (instead of \\\"optional\\\") for consumers, which pushed the update out to customers and required a reboot. Within 24 hours of receiving customer reports, we corrected the targeting logic and mitigated the issue.
For more information about the Windows 10 update servicing cadence, please see the Window IT Pro blog.
May 10, 2019
10:00 AM PT

Windows Server Features

.NET Framework 4.5 features:

    -

  • .NET Framework 4.5

    +

  • .NET Framework 4.5 or 4.6

      +

    • Windows Server 2016 - .NET Framework 4.6 is already installed for these versions of Windows Server, but you must enable it.

    • Windows Server 2012 or Windows Server 2012 R2 - .NET Framework 4.5 is already installed for these versions of Windows Server, but you must enable it.

    • Windows Server 2008 R2 - .NET Framework 4.5 is not included with Windows Server 2008 R2, so you must [download Microsoft .NET Framework 4.5](https://go.microsoft.com/fwlink/?LinkId=392318) and install it separately.

      @@ -273,7 +274,7 @@ The following table lists the installation prerequisites for the MBAM Administra

    • WCF Activation

      • HTTP Activation

        • -

      • Non-HTTP Activation

        +

      • Non-HTTP Activation (Only for Windows Server 2008, 2012 or 2012 R2)

    • TCP Activation

      • From d01f687a1afb0de374e13f146ea16c77a1779d18 Mon Sep 17 00:00:00 2001 From: illfated Date: Sun, 25 Aug 2019 19:59:41 +0200 Subject: [PATCH 017/113] Enterprise Mode schema: duplicate https usage - Resolve duplicate use of https where both http and https was intended - MarkDown code fence XML tag corrections - Replace HTML `
      ` codes with NewLine - Remove redundant space at the end of the version 2 file Resolves #4769 --- ...terprise-mode-schema-version-1-guidance.md | 8 +++---- ...terprise-mode-schema-version-2-guidance.md | 21 +++++++++---------- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md index 3e8e129b3d..e8ccaf7750 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md @@ -31,9 +31,9 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1. **Important**
      -Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both https://contoso.com and https://contoso.com. +Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com. -``` xml +```xml www.cpandl.com @@ -206,7 +206,7 @@ For example, say you want all of the sites in the contoso.com domain to open usi ### What not to include in your schema We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways: -- Don’t use protocols. For example, `https://`, `https://`, or custom protocols. They break parsing. +- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing. - Don’t use wildcards. - Don’t use query strings, ampersands break parsing. @@ -217,7 +217,7 @@ You can use trailing slashes at the path-level, but not at the domain-level: **Example** -``` xml +```xml contoso.com /about/ diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md index 17e4e860cf..37daded3cc 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md @@ -26,7 +26,8 @@ ms.date: 12/04/2017 Use the Enterprise Mode Site List Manager to create and update your site list for devices running Windows 7, Windows 8.1, and Windows 10, using the version 2.0 (v.2) of the Enterprise Mode schema. If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app. -**Important**
      +**Important** + If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). ## Enterprise Mode schema v.2 updates @@ -41,10 +42,11 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo ### Enterprise Mode v.2 schema example The following is an example of the v.2 version of the Enterprise Mode schema. -**Important**
      -Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both https://contoso.com and https://contoso.com. +**Important** + +Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com. -``` xml +```xml @@ -214,7 +216,7 @@ In this example, if https://contoso.com and https://contoso.com. +Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both http://contoso.com and https://contoso.com.

      Example 

       <site url="contoso.com:8080">
@@ -284,19 +286,16 @@ With:
 
 While the old, replaced attributes aren't supported in the v.2 version of the schema, they'll continue to work in the v.1 version of the schema. If, however, you're using the v.2 version of the schema and these attributes are still there, the v.2 version schema takes precedence. We don’t recommend combining the two schemas, and instead recommend that you move to the v.2 version of the schema to take advantage of the new features.
 
-**Important**
      
+**Important**
+
 Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema.
 
 ### What not to include in your schema
 We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
 
-- Don’t use protocols. For example, https://, https://, or custom protocols. They break parsing.
+- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
 - Don’t use wildcards.
 - Don’t use query strings, ampersands break parsing.
 
 ## Related topics
 - [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-

From e2e480c99bc8986dbbab82872ca8a4cb4fe9c6d9 Mon Sep 17 00:00:00 2001
From: illfated 
Date: Sun, 25 Aug 2019 20:13:29 +0200
Subject: [PATCH 018/113] Update: NewLine changes

- Remove extraneous NewLine breaks
- Remove missed HTML `
      ` code
---
 .../enterprise-mode-schema-version-1-guidance.md               | 2 +-
 .../enterprise-mode-schema-version-2-guidance.md               | 3 ---
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index e8ccaf7750..a4391db8b0 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -30,7 +30,7 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th
 ## Enterprise Mode schema v.1 example
 The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.
 
-**Important**
      
+**Important**
 Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com.
 
 ```xml
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
index 37daded3cc..489ffd391d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
@@ -27,7 +27,6 @@ ms.date: 12/04/2017
 Use the Enterprise Mode Site List Manager to create and update your site list for devices running Windows 7, Windows 8.1, and Windows 10, using the version 2.0 (v.2) of the Enterprise Mode schema. If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app.
 
 **Important**
-
 If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md).
 
 ## Enterprise Mode schema v.2 updates
@@ -43,7 +42,6 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo
 The following is an example of the v.2 version of the Enterprise Mode schema.
 
 **Important**
-
 Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com.
  
 ```xml
@@ -287,7 +285,6 @@ With:
 While the old, replaced attributes aren't supported in the v.2 version of the schema, they'll continue to work in the v.1 version of the schema. If, however, you're using the v.2 version of the schema and these attributes are still there, the v.2 version schema takes precedence. We don’t recommend combining the two schemas, and instead recommend that you move to the v.2 version of the schema to take advantage of the new features.
 
 **Important**
-
 Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema.
 
 ### What not to include in your schema

From b88f2c81d1625262475ea6292b8e81af2e1735ea Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Mon, 26 Aug 2019 16:34:45 +0500
Subject: [PATCH 019/113] Update credential-guard-manage.md

---
 .../credential-guard/credential-guard-manage.md               | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
index a583960ecd..b8b2673d47 100644
--- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md
+++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md
@@ -113,7 +113,7 @@ You can do this by using either the Control Panel or the Deployment Image Servic
 You can also enable Windows Defender Credential Guard by using the [Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
 
 ```
-DG_Readiness_Tool_v3.5.ps1 -Enable -AutoReboot
+DG_Readiness_Tool_v3.6.ps1 -Enable -AutoReboot
 ```
 > [!IMPORTANT]
 > When running the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSArch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. 
@@ -136,7 +136,7 @@ You can view System Information to check that Windows Defender Credential Guard
 You can also check that Windows Defender Credential Guard is running by using the [Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337).
 
 ```
-DG_Readiness_Tool_v3.5.ps1 -Ready
+DG_Readiness_Tool_v3.6.ps1 -Ready
 ```
 > [!IMPORTANT]
 > When running the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `*$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSAch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. 

From c68106b37ce73468593f2ed7d73e363262cb592d Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Mon, 26 Aug 2019 17:22:11 +0500
Subject: [PATCH 020/113] Update event-5155.md

---
 .../threat-protection/auditing/event-5155.md  | 128 ++++++++++++++----
 1 file changed, 105 insertions(+), 23 deletions(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 934f310147..de9e17504d 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -24,35 +24,47 @@ By default Windows firewall won't prevent a port from being listened by an appli
 
 You can add your own filters using the WFP APIs to block listen to reproduce this event: .
 
-There is no event example in this document.
-
 ***Subcategory:*** [Audit Filtering Platform Connection](audit-filtering-platform-connection.md)
 
-***Event Schema:***
+***Event Description:***
 
-*The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.*
+This event generates every time [Windows Filtering Platform](https://docs.microsoft.com/windows/win32/fwp/windows-filtering-platform-start-page) blocks an application or service from listening on a port for incoming connections.
 
-*Application Information:*
+
      
 
-> *Process ID:%1*
->
-> *Application Name:%2*
+***Event XML:***
+```
+
+    
+        
+        5155
+        0
+        0
+        12810
+        0
+        0x8010000000000000
+        
+        42196
+        
+        
+        Security
+        NATHAN-AGENT2
+        
+    
+    
+        2628
+        \device\harddiskvolume2\users\test\desktop\netcat\nc.exe
+        0.0.0.0
+        5555
+        6
+        84576
+        %%14609
+        40
+    
+
 
-*Network Information:*
-
-> *Source Address:%3*
->
-> *Source Port:%4*
->
-> *Protocol:%5*
-
-*Filter Information:*
-
-> *Filter Run-Time ID:%6*
->
-> *Layer Name:%7*
->
-> *Layer Run-Time ID:%8*
+```
 
 ***Required Server Roles:*** None.
 
@@ -60,6 +72,76 @@ There is no event example in this document.
 
 ***Event Versions:*** 0.
 
+***Field Descriptions:***
+
+**Application Information**:
+
+-   **Process ID** \[Type = Pointer\]: hexadecimal Process ID of the process which was permitted to bind to the local port. Process ID (PID) is a number used by the operating system to uniquely identify an active process. To see the PID for a specific process you can, for example, use Task Manager (Details tab, PID column):
+
+    Task manager illustration
+
+    If you convert the hexadecimal value to decimal, you can compare it to the values in Task Manager.
+
+    You can also correlate this process ID with a process ID in other events, for example, “[4688](event-4688.md): A new process has been created” **Process Information\\New Process ID**.
+
+
+
+-   **Application Name** \[Type = UnicodeString\]**:** full path and the name of the executable for the process.
+
+    Logical disk is displayed in format \\device\\harddiskvolume\#. You can get all local volume numbers by using **diskpart** utility. The command to get volume numbers using diskpart is “**list volume”**:
+
+DiskPart illustration
+
+**Network Information:**
+
+-   **Source Address** \[Type = UnicodeString\]**:** the local IP address of the computer running the application.
+
+    -   IPv4 Address
+
+    -   IPv6 Address
+
+    -   :: - all IP addresses in IPv6 format
+
+    -   0.0.0.0 - all IP addresses in IPv4 format
+
+    -   127.0.0.1 , ::1 - localhost
+
+-   **Source Port** \[Type = UnicodeString\]**:** the port number used by the application.
+
+-   **Protocol** \[Type = UInt32\]: the protocol number being used.
+
+| Service                                            | Protocol Number |
+|----------------------------------------------------|-----------------|
+| Internet Control Message Protocol (ICMP)           | 1               |
+| Transmission Control Protocol (TCP)                | 6               |
+| User Datagram Protocol (UDP)                       | 17              |
+| General Routing Encapsulation (PPTP data over GRE) | 47              |
+| Authentication Header (AH) IPSec                   | 51              |
+| Encapsulation Security Payload (ESP) IPSec         | 50              |
+| Exterior Gateway Protocol (EGP)                    | 8               |
+| Gateway-Gateway Protocol (GGP)                     | 3               |
+| Host Monitoring Protocol (HMP)                     | 20              |
+| Internet Group Management Protocol (IGMP)          | 88              |
+| MIT Remote Virtual Disk (RVD)                      | 66              |
+| OSPF Open Shortest Path First                      | 89              |
+| PARC Universal Packet Protocol (PUP)               | 12              |
+| Reliable Datagram Protocol (RDP)                   | 27              |
+| Reservation Protocol (RSVP) QoS                    | 46              |
+
+**Filter Information:**
+
+-   **Filter Run-Time ID** \[Type = UInt64\]: unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding by an application, and if this application doesn’t match any filters, you will get value 0 in this field.
+
+    To find specific Windows Filtering Platform filter by ID you need to execute the following command: **netsh wfp show filters**. As a result of this command, **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**)**,** for example:
+
+    Filters.xml file illustration
+
+-   **Layer Name** \[Type = UnicodeString\]: [Application Layer Enforcement](https://msdn.microsoft.com/library/windows/desktop/aa363971(v=vs.85).aspx) layer name.
+
+-   **Layer Run-Time ID** \[Type = UInt64\]: Windows Filtering Platform layer identifier. To find specific Windows Filtering Platform layer ID you need to execute the following command: **netsh wfp show state**. As result of this command **wfpstate.xml** file will be generated. You need to open this file and find specific substring with required layer ID (**<layerId>**)**,** for example:
+
+Wfpstate xml illustration
+
 ## Security Monitoring Recommendations
 
 -   If you use Windows Filtering Platform APIs to block application or services from listening on a port, then you can use this event for troubleshooting and monitoring.

From 2c1ded87d40b6b477a534ab7c699d68d246e4f4e Mon Sep 17 00:00:00 2001
From: Michael Niehaus 
Date: Tue, 27 Aug 2019 08:53:20 -0400
Subject: [PATCH 021/113] Update windows-autopilot-requirements.md

Separated the Windows Autopilot deployment service and Windows Activation items into two separate rows to make it easier to read.
---
 .../windows-autopilot/windows-autopilot-requirements.md    | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
index 9aa928f3f9..1baaf03dea 100644
--- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
+++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md
@@ -46,9 +46,10 @@ Windows Autopilot depends on a variety of internet-based services. Access to the
 In environments that have more restrictive Internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to whitelist access to the required services. For additional details about each of these services and their specific requirements, review the following details:
 
 
-      
-      
-      
-      
-      
-      
      ServiceInformation
-
      Windows Autopilot Deployment Service and Windows ActivationAfter a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service.  With Windows 10 builds 18204 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com. 
      
-    
-For all supported Windows 10 releases, Windows Autopilot also uses Windows Activation services. See Windows activation or validation fails with error code 0x8004FE33 for details about problems that might occur when you connect to the Internet through a proxy server.
+
      Windows Autopilot Deployment ServiceAfter a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service.  With Windows 10 version 1903 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com. 
      
+
+
      Windows ActivationWindows Autopilot also requires Windows Activation services. See Windows activation or validation fails with error code 0x8004FE33 for details about the URLs that need to be accessible for the activation services.
      
+
 
      Azure Active DirectoryUser credentials are validated by Azure Active Directory, and the device can also be joined to Azure Active Directory. See Office 365 IP Address and URL Web service for more information.
 
      IntuneOnce authenticated, Azure Active Directory will trigger enrollment of the device into the Intune MDM service. See the following link for details about network communication requirements: Intune network configuration requirements and bandwidth.
 
      Windows UpdateDuring the OOBE process, as well as after the Windows 10 OS is fully configured, the Windows Update service is leveraged to retrieve needed updates. If there are problems connecting to Windows Update, see How to solve connection problems concerning Windows Update or Microsoft Update.
      

From 53ea53dddc9939efa13e0b8bfee68d4345c06dec Mon Sep 17 00:00:00 2001
From: Zhanguo Tu 
Date: Wed, 28 Aug 2019 09:58:34 +0800
Subject: [PATCH 022/113] Update upgrade-mbam2.5-sp1.md

---
 mdop/mbam-v25/upgrade-mbam2.5-sp1.md | 40 +++++++++++++++-------------
 1 file changed, 21 insertions(+), 19 deletions(-)

diff --git a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md
index 045cee4b55..51719e8cbe 100644
--- a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md
+++ b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md
@@ -2,48 +2,50 @@
 title:  Upgrading from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update
 author: TobyTu 
 ms.author: ksharma
-manager: dcscontentpm
+manager: DCSCPMCAIM365 
 audience: ITPro  
 ms.topic: article  
 ms.prod: mbam
 localization_priority: Normal
 --- 
 
-# Upgrading from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update
+# Upgrade from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update
 
-This article provides step-by-step instructions for upgrading Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 to MBAM 2.5 SP1 along with Microsoft Desktop Optimization Pack (MDOP) July 2018 Servicing update in a stand-alone configuration. In this guide we will use a two-server configuration. One of the two servers will be a database server that's running Microsoft SQL Server 2016. This server will host the MBAM databases and reports. The additional server will be a Windows Server 2012 R2 web server and will host "Administration and Monitoring Server" and "Self-Service Portal."
+This article provides step-by-step instructions to upgrade Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 to MBAM 2.5 Service Pack 1 (SP1) together with the Microsoft Desktop Optimization Pack (MDOP) July 2018 servicing update in a standalone configuration.
 
-## Preparation steps before you upgrade MBAM 2.5 SP1 server
+In this guide, we will use a two-server configuration. One server will be a database server that's running Microsoft SQL Server 2016. This server will host the MBAM databases and reports. The other server will be a Windows Server 2012 R2 web server. This server will host "Administration and Monitoring" and "Self-Service Portal."
 
-### Know the MBAM Servers in your environment
+## Prepare to upgrade MBAM 2.5 SP1
 
-1. SQL Server Database Engine: Server Hosting the MBAM Databases.
-2. SQL Server Reporting Services: Server Hosting the MBAM Reports.
-3. Internet Information Services (IIS) Web Servers: Server Hosting MBAM Web Applications and Services.
-4. (Optional) Microsoft System Center Configuration Manager (SCCM) Primary Site Server: MBAM Configuration Application is run on this server to integrate MBAM Repots with SCCM which are then merged with existing SCCM reports on the SCCM’s SQL Server Reporting Services (SSRS) instance.
+### Know the MBAM servers in your environment
 
-### Identify Service Accounts, Groups, Server Name and Reports URL
+1. SQL Server Database Engine: Server that hosts the MBAM databases.
+2. SQL Server Reporting Services: Server that hosts the MBAM reports.
+3. Internet Information Services (IIS) web servers: Server that hosts MBAM Web Applications and MBAM services.
+4. (Optional) Microsoft System Center Configuration Manager primary site server: The MBAM configuration application is run on this server to integrate MBAM reports with Configuration Manager. These reports are then merged with existing Configuration Manager reports on the Configuration Manager SQL Server Reporting Services (SSRS) instance.
 
-1. Identify the MBAM App Pool Svc Account used by IIS web servers to Read and Write Data to MBAM Databases.
-2. Identify the Groups used during MBAM Web Features Configuration and the Reports Web Service URL.
-3. Identify the SQL Server Name and Instance Name.
+### Identify service accounts, groups, server name, and reports URL
+
+1. Identify the MBAM application pool service account that's used by IIS web servers to read and write data to MBAM databases.
+2. Identify the groups that are used during the MBAM web features configuration and the reports web service URL.
+3. Identify the SQL Server name and instance name.
     > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ANP1]
-4. Identify the SQL Server Reporting Services Account used for reading compliance data from Compliance and Audit Database.
+4. Identify the SQL Server Reporting Services Account that's used for reading compliance data from the Compliance and Audit database.
     > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALdZ]
 
-## Upgrade the MBAM Infrastructure to the latest version available
+## Upgrade the MBAM infrastructure to the latest version available
 
 > [!NOTE]
-> We recommend that you take a full database backup of the MBAM Databases before performing upgrades.
+> We recommend that you create a full database backup of the MBAM databases before you run the upgrades.
 
-### Upgrade the MBAM SQL Server
+### Upgrade the MBAM SQL Server server
 
 > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALew]
 
-### Upgrade MBAM Web Server
+### Upgrade the MBAM web server
 
 > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALex]
 
 ## More information
 
-For more about MBAM 2.5 SP1 known issues, please refer [Release Notes for MBAM 2.5 SP1](https://docs.microsoft.com/microsoft-desktop-optimization-pack/mbam-v25/release-notes-for-mbam-25-sp1).
+For more information about known issues in MBAM 2.5 SP1, see [Release Notes for MBAM 2.5 SP1](https://docs.microsoft.com/microsoft-desktop-optimization-pack/mbam-v25/release-notes-for-mbam-25-sp1).

From b1e817ea99ff4eb1ebf344d3506bf8c0783d6edc Mon Sep 17 00:00:00 2001
From: Deland-Han 
Date: Wed, 28 Aug 2019 10:30:55 +0800
Subject: [PATCH 023/113] finish

---
 windows/client-management/TOC.md              |   4 +
 .../determine-appropriate-page-file-size.md   | 128 +++++++++++
 .../generate-kernel-or-complete-crash-dump.md | 110 +++++++++
 .../images/out-of-memory.png                  | Bin 0 -> 41165 bytes
 .../images/task-manager-commit.png            | Bin 0 -> 96419 bytes
 .../client-management/images/task-manager.png | Bin 0 -> 101967 bytes
 .../introduction-of-page-file.md              |  74 +++++++
 .../system-failure-recovery-options.md        | 209 ++++++++++++++++++
 .../troubleshoot-windows-startup.md           |  38 +++-
 9 files changed, 560 insertions(+), 3 deletions(-)
 create mode 100644 windows/client-management/determine-appropriate-page-file-size.md
 create mode 100644 windows/client-management/generate-kernel-or-complete-crash-dump.md
 create mode 100644 windows/client-management/images/out-of-memory.png
 create mode 100644 windows/client-management/images/task-manager-commit.png
 create mode 100644 windows/client-management/images/task-manager.png
 create mode 100644 windows/client-management/introduction-of-page-file.md
 create mode 100644 windows/client-management/system-failure-recovery-options.md

diff --git a/windows/client-management/TOC.md b/windows/client-management/TOC.md
index d3c28bfc73..d3ba01eed3 100644
--- a/windows/client-management/TOC.md
+++ b/windows/client-management/TOC.md
@@ -22,6 +22,10 @@
 ##### [Troubleshoot port exhaustion](troubleshoot-tcpip-port-exhaust.md)
 ##### [Troubleshoot Remote Procedure Call (RPC) errors](troubleshoot-tcpip-rpc-errors.md)
 ### [Advanced troubleshooting for Windows startup](troubleshoot-windows-startup.md)
+#### [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md)
+#### [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md)
+#### [Introduction of page file](introduction-of-page-file.md)
+#### [Configure system failure and recovery options in Windows](system-failure-recovery-options.md)
 #### [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md)
 #### [Advanced troubleshooting for Windows-based computer freeze](troubleshoot-windows-freeze.md)
 #### [Advanced troubleshooting for stop error or blue screen error](troubleshoot-stop-errors.md)
diff --git a/windows/client-management/determine-appropriate-page-file-size.md b/windows/client-management/determine-appropriate-page-file-size.md
new file mode 100644
index 0000000000..af9ebe39dd
--- /dev/null
+++ b/windows/client-management/determine-appropriate-page-file-size.md
@@ -0,0 +1,128 @@
+---
+title: How to determine the appropriate page file size for 64-bit versions of Windows
+description: Learn how to determine the appropriate page file size for 64-bit versions of Windows.
+ms.prod: w10
+ms.sitesec: library
+ms.topic: troubleshooting
+author: Deland-Han
+ms.localizationpriority: medium
+ms.author: delhan
+ms.date: 8/28/2019
+ms.reviewer: 
+manager: dcscontentpm
+---
+
+# How to determine the appropriate page file size for 64-bit versions of Windows
+
+In summary, page file sizing depends on the system crash dump setting requirements and the system commit charge peak usage or expected usage. Both considerations are unique to each system, even for systems that are identical to other systems. This means that page file sizing is unique to each system and cannot be generalized.
+
+## Determine the appropriate page file size
+
+Use the following considerations for page file sizing for all versions of Windows and Windows Server:
+
+### Crash dump setting
+
+If you want a crash dump file to be created during a system crash, a page file or a dedicated dump file must exist and be large enough to back the system crash dump setting. Otherwise, a system memory dump file is not created.
+
+For more information, see [Support for system crash dumps](introduction-of-page-file.md#support-for-system-crash-dumps) section.
+
+### Peak system commit charge
+
+The system commit charge cannot exceed the system commit limit. This limit is the sum of physical memory (RAM) and all page files combined. If no page files exist, the system commit limit is slightly less than the physical memory installed. Peak system-committed memory usage can vary greatly between systems. Therefore, physical memory and page file sizing also varies.
+
+### Quantity of infrequently accessed pages
+
+The purpose of a page file is to back infrequently accessed modified pages so that they can be removed from physical memory. This provides more available space for more frequently accessed pages. The "\Memory\Modified Page List Bytes" performance counter measures, in part, the number of infrequently accessed modified pages that are destined for the hard disk. However, be aware that not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list. Therefore, consider extending or adding a page file if all the following conditions are true:
+
+- More available physical memory (\Memory\Available MBytes) is required.
+
+- The modified page list contains a significant amount of memory.
+
+- The existing page files are fairly full (\Paging Files(*)\% Usage).
+
+## Support for system crash dumps
+
+A system crash (also known as a “bug check” or a "Stop error") occurs when the system cannot run correctly. The dump file that is produced from this event is called a system crash dump. A page file or dedicated dump file is used to write a crash dump file (memory.dmp) to disk. Therefore, a page file or a dedicated dump file must be large enough to support the kind of crash dump selected. Otherwise, the system cannot create the crash dump file.
+
+>[!Note]
+>During startup, system-managed page files are sized respective to the system crash dump settings. This assumes that enough free disk space exists.
+
+|System crash dump setting	|Minimum page file size requirement|
+|-----------|-------------------|
+|Small memory dump (256 KB)	|1 MB|
+|Kernel memory dump	|Depends on kernel virtual memory usage|
+|Complete memory dump	|1 x RAM plus 257 MB*|
+|Automatic memory dump	|Depends on kernel virtual memory usage. For details, see Automatic memory dump.|
+
+\* 1 MB of header data and device drivers can total 256 MB of secondary crash dump data.
+
+The **Automatic memory dump** setting is enabled by default. This is a setting instead of a kind of crash dump. This setting automatically selects the best page file size, depending on the frequency of system crashes. 
+
+The Automatic memory dump feature at first selects a small paging file size. It would accommodate the kernel memory most of the time. If the system crashes again within four weeks, the Automatic memory dump feature selects the page file size as either the RAM size or 32 GB, whichever is smaller. 
+
+Kernel memory crash dumps require enough page file space or dedicated dump file space to accommodate the kernel mode side of virtual memory usage. If the system crashes again within four weeks of the previous crash, a Complete memory dump is selected at restart. This requires a page file or dedicated dump file of at least the size of physical memory (RAM) plus 1 MB for header information plus 256 MB for potential driver data to support all the potential data that is dumped from memory. Again, the system-managed page file will be increased to back this kind of crash dump. If the system is configured to have a page file or a dedicated dump file of a specific size, make sure that the size is sufficient to back the crash dump setting that is listed in the table earlier in this section together with and the peak system commit charge.
+
+### Dedicated dump files
+
+Computers that are running Microsoft Windows or Microsoft Windows Server usually must have a page file to support a system crash dump. System administrators now have the option to create a dedicated dump file instead.
+A dedicated dump file is a page file that is not used for paging. Instead, it is “dedicated” to back a system crash dump file (memory.dmp) when a system crash occurs. Dedicated dump files can be put on any disk volume that can support a page file. We recommend that you use a dedicated dump file when you want a system crash dump, but you do not want a page file.
+
+## System-managed page files
+
+By default, page files are system managed. This means that the page files increase and decrease based on many factors, such as the amount of physical memory installed, the process of accommodating the system commit charge, and the process of accommodating a system crash dump.
+
+For example, when the system commit charge is more than 90 percent of the system commit limit, the page file is increased to back it. This continues to occur until the page file reaches three times the size of physical memory or 4 GB, whichever is larger. This all assumes that the logical disk that is hosting the page file is large enough to accommodate the growth.
+
+The following table lists the minimum and maximum page file sizes of system-managed page files in Windows 10.
+
+|Minimum page file size	|Maximum page file size|
+|---------------|------------------|
+|Varies based on page file usage history, amount of RAM (RAM ÷ 8, max 32 GB) and crash dump settings.	|3 × RAM or 4 GB, whichever is larger.  This is then limited to the volume size ÷ 8.  However, it can grow to within 1 GB of free space on the volume if required for crash dump settings.|
+
+## Performance counters
+
+Several performance counters are related to page files. This section describes the counters and what they measure.
+
+### \Memory\Page/sec and other hard page fault counters
+
+The following performance counters measure hard page faults (which include, but are not limited to, page file reads):
+
+- \Memory\Page/sec
+
+- \Memory\Page Reads/sec
+
+- \Memory\Page Inputs/sec
+
+The following performance counters measure page file writes:
+
+- \Memory\Page Writes/sec
+
+- \Memory\Page Output/sec
+
+Hard page faults are faults that must be resolved by retrieving the data from disk. Such data can include portions of DLLs, .exe files, memory-mapped files, and page files. These faults might or might not be related to a page file or to a low-memory condition. Hard page faults are a standard function of the operating system. They occur when the following items are read:
+
+- Parts of image files (.dll and .exe files) as they are used
+
+- Memory-mapped files
+
+- A page file
+
+High values for these counters (excessive paging) indicate disk access of generally 4 KB per page fault on x86 and x64 versions of Windows and Windows Server. This disk access might or might not be related to page file activity but may contribute to poor disk performance that can cause system-wide delays if the related disks are overwhelmed.
+
+Therefore, we recommend that you monitor the disk performance of the logical disks that host a page file in correlation with these counters. Be aware that a system that has a sustained 100 hard page faults per second experiences 400 KB per second disk transfers. Most 7200 RPM disk drives can handle about 5 MB per second at an IO size of 16 KB or 800 KB per second at an IO size of 4 KB. No performance counter directly measures which logical disk the hard page faults are resolved for.
+
+### \Paging File(*)\% Usage
+
+The \Paging File(*)\% Usage performance counter measures the percentage of usage of each page file. 100 percent usage of a page file does not indicate a performance problem as long as the system commit limit is not reached by the system commit charge, and if a significant amount of memory is not waiting to be written to a page file.
+
+>[!Note]
+>The size of the Modified Page List (\Memory\Modified Page List Bytes) is the total of modified data that is waiting to be written to disk.
+
+If the Modified Page List (a list of physical memory pages that are the least frequently accessed) contains a lot of memory, and if the % Usage value of all page files is greater than 90, you can make more physical memory available for more frequently access pages by increasing or adding a page file.
+
+>[!Note]
+>Not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list.
+
+## Multiple page files and disk considerations
+
+If a system is configured to have more than one page files, the page file that responds first is the one that is used. This means that page files that are on faster disks are used more frequently. Also, putting a page file on a “fast” or “slow” disk is important only if the page file is frequently accessed and if the disk that is hosting the respective page file is overwhelmed. Be aware that actual page file usage depends greatly on the amount of modified memory that the system is managing. This means that files that already exist on disk (such as .txt, .doc, .dll, and .exe) are not written to a page file. Only modified data that does not already exist on disk (for example, unsaved text in Notepad ) is memory that could potentially be backed by a page file. After the unsaved data is saved to disk as a file, it is backed by the disk and not by a page file.
diff --git a/windows/client-management/generate-kernel-or-complete-crash-dump.md b/windows/client-management/generate-kernel-or-complete-crash-dump.md
new file mode 100644
index 0000000000..21bffca246
--- /dev/null
+++ b/windows/client-management/generate-kernel-or-complete-crash-dump.md
@@ -0,0 +1,110 @@
+---
+title: Generate a kernel or complete crash dump
+description: Learn how to generate a kernel or complete crash dump.
+ms.prod: w10
+ms.sitesec: library
+ms.topic: troubleshooting
+author: Deland-Han
+ms.localizationpriority: medium
+ms.author: delhan
+ms.date: 8/28/2019
+ms.reviewer: 
+manager: dcscontentpm
+---
+
+# Generate a kernel or complete crash dump 
+
+A system crash (also known as a “bug check” or a "Stop error") occurs when Windows can't run correctly. The dump file that is produced from this event is called a system crash dump.
+
+A manual kernel or complete memory dump file is useful when troubleshooting a number of issues because the process captures a record of system memory at the time of a crash.
+
+## Set up page files
+
+See [Support for system crash dumps](determine-appropriate-page-file-size.md#support-for-system-crash-dumps) for the page file size requirement for system crash dump.
+
+## Enable memory dump setting
+
+You must be logged on as an administrator or a member of the Administrators group to complete this procedure. If your computer is connected to a network, network policy settings may prevent you from completing this procedure.
+
+To enable memory dump setting, follow these steps:
+
+1. In **Control Panel**, click **System and Security** -> **System**, or click **System** directly if control panel is viewed by icons.
+
+2. Click **Advanced system settings**, and then click the **Advanced** tab.
+
+3. Under **Startup and Recovery**, click **Settings**.
+
+4. Make sure that **Kernel memory dump** or **Complete memory dump** is selected under **Writing Debugging Information**.
+
+5. Restart the computer.
+
+>[!Note]
+> You can change the dump file path by edit the **Dump file** field. In other words, you can change the path from %SystemRoot%\Memory.dmp to point to a local drive that has enough disk space, such as E:\Memory.dmp. 
+
+### Tips for memory dump
+
+When computer crashes and restarts, the contents of physical RAM are written to the paging file that is located on the partition on which the operating system is installed.
+
+Depending on the speed of the hard drive on which Windows is installed, dumping more than 2 gigabytes (GB) of memory may take a long time. Even in a best case scenario, where the dump file is configured to reside on another local hard drive, there will be a significant amount of data being read and written to the hard drives. This can cause a prolonged server outage.
+
+>[!Note]
+>Use this method to generate complete memory dump files with caution. Ideally, you should only do this only when you are explicitly requested to by the Microsoft Customer Support Services Engineer. Any kernel or complete memory dump file debugging should be the last resort when all the standard troubleshooting methods have been completely exhausted.
+
+## Manually generate a memory dump file
+
+### Use the NotMyFault tool
+
+If you can log on while the problem is occurring, you can use the Microsoft Sysinternals NotMyFault tool. To do this, follow these steps:
+
+1. Download the [NotMyFault](https://download.sysinternals.com/files/NotMyFault.zip) tool.
+
+2. Click **Start**, and then click **Command Prompt**.
+3. At the command line, run the following command:
+
+   ```cmd
+   notMyfault.exe /crash
+   ```
+
+>[!Note]
+>This operation generates a memory dump file and a D1 stop error.
+
+### Use NMI
+
+On some computers, you cannot use keyboard to generate a crash dump file. For example, Hewlett-Packard (HP) BladeSystem servers from the Hewlett-Packard Development Company are managed through a browser-based graphical user interface (GUI). A keyboard is not attached to the HP BladeSystem server.
+
+In these cases, you must generate a complete crash dump file or a kernel crash dump file by using the Non-Maskable Interrupt (NMI) switch that causes an NMI on the system processor. 
+
+To do this, follow these steps:
+
+> [!IMPORTANT]  
+> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur.
+
+1. In Registry Editor, locate the following registry subkey:
+   **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl**
+
+2. Right-click **CrashControl**, point to **New**, and then click **DWORD Value**.
+
+3. Type NMICrashDump, and then press Enter.
+
+4. Right-click **NMICrashDump**, and then click **Modify**.
+
+5. In the **Value data** box, type 1, and then click **OK**.
+
+6. Restart the computer.
+
+7. Hardware vendors, such as HP, IBM, and Dell, may provide an Automatic System Recovery (ASR) feature. You should disable this feature during troubleshooting. For example, if HP and Compaq's ASR feature is enabled in the BIOS, disable this feature while you are troubleshooting to generate a complete memory.dmp file. For the exact steps, contact your hardware vendor.
+
+8. Enable the NMI switch in the BIOS or by using the Integrated Lights Out (iLO) Web interface. 
+
+   >[!Note]
+   >For the exact steps, see the BIOS reference manual or contact your hardware vendor.
+
+9. Test this method on the server by using the NMI switch to generate a dump file. You will see a STOP 0x00000080 hardware malfunction.
+
+### Use the keyboard
+
+[Forcing a System Crash from the Keyboard](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/forcing-a-system-crash-from-the-keyboard)
+
+### Use Debugger
+
+[Forcing a System Crash from the Debugger](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/forcing-a-system-crash-from-the-debugger)
diff --git a/windows/client-management/images/out-of-memory.png b/windows/client-management/images/out-of-memory.png
new file mode 100644
index 0000000000000000000000000000000000000000..c377389128117592d16f84308068259fa28e8726
GIT binary patch
literal 41165
zcmdS9Wl$Ym&@PI*yF&sS*|>Xf0vmUC3m)7(xNqFu-Q8V-yIZgT!JW%{?suy0&-?S7
zsae%Et9o_!>YDDE)%}Dk%6~^iB0_?IfIyX&5?6+RfNc33`Up^;GvVFC_n!pPN%^}d
zMD;Yu$>#%%g@~L81Vmjd@~aW-=QH9@DJ>@m2(-cf24oUF8ZiV!uCcVZh^o8(c^0f8
z@%Ocdo38JIKfE-g(i`d6#pYO?Y-n8f;=UB8rv1-F2w1KEyk)^@BG2Yc^^E*w>4nl6
zg*P2t!|eR*{2e!wemMb6ZiRpS;RSXe(cNG70$y_<1B5B!;33tppaO(>{{NGI#Hx;Y
zIjjUxBs=g3Fi;*MPpCj%rKul0vHyF*LpMp6$QZ?)HR2=ka}MLzryl(H5jAOT$bx;i
z0%v$fe{x}rPp$gmWHNwdJVF>9&qdXN)NNzH!*5o|CdGK-UzAS
ze-LRf?GTUqMUV?YU9P$9J+vq1E)w;&U5r#mb(crnW+B29J-H$1QLk!bN`RAzs5CUm
zd4T7eOll^nWcethFN6q2cqSAgPv9t;;=o@b|IvQ-0&
z`E!#595#!Cwtb<0Fx4E*B1CG<7rbTdH{-Do>c9TyA@Q#z!cZ|RW;E6v2pjkva#^GA(Ho9!RbOt|MitJ3>-CVKo)TtitD}g8YUKrxV)MbbYQq8nN;lXA?>W{h
zj6lRd3M^h&EPvA;6d<8sE^&j)`jiwG;tEgfpnc}CgM)~#G2Ty2tAa2_%N4Q7UzMg>
zOvmUwsj0YY2sTwC>MPjw%5?xZAv>YS-p(aY1nGfn-!}_$L-rTurR1s&TPxV?!dt{^$j_(M|UsEufWrFa^TbJ~}E$sr!jaH``{W
z80Vuq`KhJf+|S$@J2t&c5D?7=w8Un0_~Uyi*!C}kKMmI8xXzm5!`?!tlvl=AwEs?7
z*8z?SP0;toQ!0@00WIKl?8l?t_l?O|+vB2|8UAV^rdH>_u}qmmB1kzxu%rGN)Ir`-pX8cJIOm)$Pp4-$YnsR=~GG>lVLV0b_N74B~N;UiZpHr!cnt}VxI|DZ}z;It1l>nPK
zagO-L0zO;#2dx7LpYf@EL9E6FaKE7DZWtiJTnEly
zQOJ249@Jd_1h)OFlcQ&Y4Y%5}d5C%E`&3)23ifAkb$Z9Kh&-n-t|b(2zxMnvR~VLU
zDnll&;6B%`1)z4&no8Rq>HfZs4A=V792j3{(`QQ&zIqAK%itx0g4IN}rOmgV6mLVE
zHp8|w&nniVxNe&QO|$wyDR{i~B~Az$wWl(KME(s6y##ztzMdN>wHA+EXY!lrQ@@S)
z`)LV}4Hyz4Z)$pCE2)LrBpec(BVCXYnaV0_s?(tut@b%EL@
zIQ_4Fb8^ftF18v21pk=T)p0}qmcLe$6Sk79*mkC-6U~hHFxSS=Hr=}^E*PKTuNe@!
zv#SbzGs$of+4#mBP8Rz}hXw-`Ah0j+3nb6YPQ=V=rJwJ1t~p>&mfA@=jP#i~3}fNP
zgpH|?M-e_V^KV}CJg{JU)O9T3A^&kS|FImp1IGnKcsv6I<$rSie9B4g`c3fuOdV+m{Le_;f46FmEZ~57GZdKm|Cv!$
z15ayaSvYT)B%Yf!ZixEAvHriT9BPiX;jHO>r9y+WugC>QUc*vsCN9Y?NS_~)Z0zh}
zP_-=U+U1;k&;|XakIZqSYI`x9=V+2oLWFwtQ75kIfkJ^p!9xKT0beH%
zdIy2@NKhW;n%cTVr_=|{F_^=6%S&XgSUKGSLQ=(vYWIce_Z+AUF~1x3azxaVH6*VJ
z_wF$#ujU4}cgUybm8759g3?E5eKNKlmz%OlD+)=iA4zYEKTHz;nxoLLEhTG>WkWgh
z`PkapS~+_D;u93$3MLC$cshB)<;!AS62h}T{pj}9a35f|0mTW?4~Pwn6>nXJtF7V7
z&ydNB`}ZlJyMFgNeD&tDq0wkHeRbYv7pUT7{T6RY`q*SzX7oHNwzbpHJFhgh$^^IN
zuk@OtMzSXbl_dVY-Vmhpj1MOt&AK@by2pXQY7^MDr^ohtbi`mGx^+KOj#rze^^HbT
z!@6d;ApnkP5=%QzD=RW{P31tN^(|~%pPmw(Ei}NZN^^ze6W$5Up1D@uvjMOKpIv9p
z+*nR~OyZz5$FeyRpa&$vC3K0#jP0`YEvZ-_Aisko-28o%gijO?Ic@}wc^d#yAjmqqApj^@_KT)LbQ0*86aF8Ov|(RNNqpUPB=(A6(ia;~U3
zDh9X#Ex02}O
zr>D@)SGu!M5soO;9?)Sxt6ggu8u{k&f4Tbw3f6`)d;HBIBoJ{H<0|tMsj0)|;9(Su
z`=mp7Qol6bRbi0AG8*CTno5PC;-mb*v_>$`%Rb;9qw`ExdSD1sa01iiS|MJI4A_(B
zBJtkK*@K`XDJ|z_pWrE7Pvsp?{RmF`{i23t3S-~-%q4K@9!Oc?GqE0-
zKR^Aan9JtEm+_z4xMZ2OG`|BHD(EXz4&v)2)$f$8p4s{EdwV02qQ@}IO6wrYj2t=X
zs=^~^P?ik8pCL5tz{;1f7h4ugZ4NZGva;mL)Lg&`Vr!11@
zSk|Ohz11O1v23k~RDx0Kqu-UOUg~|E++hJ7K1ix?3)qP$Oc6)0-_7?GO+KLL|ELS|
zniQDmWr?8{ddw6jF^=LUl!x(h7MSk*Vy!`Vt#`lz)I=j?dw6jZ3i8+1B27MRQKvW
zG}CwJF)nV^LTN6@FusI8gE@eI$AxGX+WLqI&xq
zX((%wQ(}4hVpQ~K4mZp`J&4Ps_I55QG8oA@e{y(_0NB7N%c+IrJ~LNjm~ba;$r1Iq
z5rhbBJ-w`~Ty@n4J55Yayr}1ZI>?b#DdwZgPFNzPm1Cko3Vb}g0A{V2qWB*f=!7d4
zDm0K)KpwVr>aYdC67La%IDA0JNe&4$#ZshhQH<_7chK7X_VsL+bWoL&1fUXdAIl9Wu
zT0jvYc;OH5*lnwOlc}_SjR%kM^bVV@ez&V>ezYFTKUIyPFu`Z6l#QCt?J}uW4Phek06B4m)L&HF%trmPD0uUht+}3PY;)kJT;Hs-*SH0y5vz
zMs{Hy?jZQt2_$iQGkul<7&+`5A%+C0N0Xmt5{+nR=yqY<|0}{!JkR*E|E*mQOI9C_
z8ZCnK_!N-~obJ2V>@j1f7w>k76C47d_3Wf?
z)@u7;^XsCzFW_`3++GjlZIBDJ`w_#|Go!J7Xxp@9^{1efLA$^1_US1Y>mzl4_>jml
zfmj2EJDAS8Suu94Y(@#B1<6b!N;*8k=Sq1AXeeeu`2jNsmw^=-b?yk`!vg4|d%5^^
z-c54LXFm=Z6q88Yrp~JsB>I!R
zun@-cEf(kkpnUpuJ|>bvqRWBl9y_2u?jLS$d2Z<@>@c|<+-qit(6wxH^X2bcTcv|l|=Y|G`QjlS+NY<#n;vu2EV^}icA
z8_}NPEFF#OM**h<3gxC4)rO|NKixCKEaMZR++(?e^Z*iO{U6ggb-%lMLfMc(aMU~?
zB3s!q=duh~GSpI8FRjoHyFvaX=+b#e)j5szhn$iiG)-3+b-9?RsOF|7X?>LUXPZ%U
zPc>>S)i|>sKUTImb~`=OG_QHSVpR-4dWIuWFQS=69-|hQxFt8c-X{<>S$_dRZTFc
zEKc!Qt|MmC{7^J@i42$6a`=0HJ;Z6H_QYA1pRpwveTFJk5{oZ^H-S(r^QRhZibcC#
zX5p4CR;MMX^R0lrFkM|`;+2w!(JWWAA`AqQe(H3fxs$y5p|VXCEEDb&|u#?XKVQagtuY#t-(S*cr_CKl-&
zDRDK{dR|?ot5_d*rX4~XFDhRf*~%qx-xs4Mf=Ig`{dYh!y?lidIC|Au3@+viEncZ<
zxzBk_0c1@@Q#R|
zLL$k0fi6O_$8I^c{i#<6Ufpz_16h(r3OliJl~|(FOabEC`(FQ7cghfcz^h(qe@hgS
z!0p&-k;58K2M9{2Ymo71C3?XtK+~|RR0%enCTpHPNsb&I5keSXAO6@ynM{u-h*sI+
z*SNh+xBuGIDE3V(Hz?OKn@d3zpixX<+kd;JXZ;tQ$gTiB{zQJMd-_NBec`tuNT1km
z87H9TO6+0%Y
z+_iePY}hJbh+IfG?l(3_s`Kuc6iQ8b%4*38-~E*kgO)6+6H5tyO`KZ*Bv%#3S^zSf
z;1I9UN`REMS5UY55o*JdH}ET)FaUNapyRmh@5(cD(Mjvzv6~NHY*MR+;H7?}gehRcl_0-P2gib_Q4JW=dp(s_3W&|vMMH8P?7K?|OL+#u#JQ6*u6|FhEa?=&is#%*(cz1m2W&3v;$P
zX5qm5e9sw&t=Y4SY$Mdy94-ZUKzyt%h#)CvKI0?gB3?Z9N6lv$kzX{E+eH1}q=Liv
zmQj@1w|E7IxFs*=BpA|SzAE?2Jf49)x|uRXVd*I8{0{x%U!G0)t{x7?D|+m^&2|B$
z_MvY7Xx9QDd+~_pkhfOxJ(XLO$2+E1$a!Ub=pXH2Z#0`cnryVmAR6h*!9v38xCQd6qI&JHca>o<|h4SwdkXR+}<8B1jEAz%j4rnK_TdPd2iKQv5TZ8u$n15ysC&F}e8E>MXnRm;D#E+fbq^KYVk0+g&SD
zrimOrbjldJOvpIJO|AO*T|YJj+6a)O{MnRricHl!`(TAy#SOBFP@84jDw4fMD&|?;
z+)aG1e4ERt-1{nbPJdk%Z8X};kZ(1CcyD~WRAPw}
z-#?zX;V>>4Jft0>Q0}9!9_$M387z*9cy6$+u&&s=>os{(r+O=9uUMRX1p*oqS}y>|
zCCu~1N5t4jYN*JML6S4g)M^Xb?RY^u=X-0$ZVjEfbKGw8D>qy7B8d{Ts9KCLz%tVm
zFZ$&1O0<3k$ei7rr@5qZo_-SAD^^vup~*j`q)d59oD~S?PMw91h-!(G_m$`K}$&1rvD@v*%lVlx0s}5zrP7|^pg!HH?0OsQZO|gj714J3Ai%S2DSf$&Y5&r{Sd_c;gFQ+KTk6xwP|1*n;_iQLk>ygygaE%%T`laA4Z3+$dhp>li}YAVF18Z=71e@8{4eCfq#_K
zD@D^}c5+WrEeH7da$3yB+UiRPHLuPLo~88Rx@HPC6GEdMmGCgLwwn^n+g6_UKpxi+;Rue*;`nF;;N1=Jd;#<%0+|KkiU-qdK|)WX<6Vp
zF%cxf<0kn3VPmOl=M%4v8Q=Qnw8E`yS+dyBs^-LnR<>ielU5&LQlAGFu-l}|vRTw2
zMQfRg12Z<2e%9`Knd(J{gvpU^MkI9k@b=s
z9$Bftw8%XUlrIt&qISJT6b-5X4#KpXZq6xm3&^>djA!j$CMDh6rp{hl2<==LrSS5p9?H215e^|a&k5J?pH*raAZy&vd~>#
zaP$)?juG`FwiK2NSZTdPWBBznpN5!D>Uf8LUrk3LajOJI%UJk#aICGEnd3CUBYSLLg*bv>PLR}Wcb};
zkGFBMUv|JrF3RQlCMR6N+_Dfc{>N$6uwwRQtN7EQ$`Nh7{3clvT3QrFIzQK#!--M}GHVS#I))sn>@U$4{Zl8@3b%kfv+KLm2aOjZ(NT
z5Bd868y{7tC()IA4G)-K9J92Gxv$@`h=CqkZ5EOK)hNNMg)+3bTATu!fRymopCf^8
z_8Nmz)wW7w0Ptbgu~#$WE-sFt#RqSq#WKsZokcD!=9>T-5HT}yJZijRWI#W~Rw66#
zFkXqGwT5K%7C?q3&?3-;T?}K?NgOTJuGb4oj(WiN)MGAAST|QNYl)bmx8UQaJi|RYT8Uz
zmKiT5kcV1|V~fq6mPMVB
z$yr0^H6=-~q8beg-^k03>u5^B36TkAWrwA>0gybc1x>qsN3G}4%l9>p-~y8@y5JA~
zOj~vKtpPhKda>|ntvO|nqb3x^BjiFbyIvHTk0j#y2-n#Nv>KN5z%$PGyKwIa=t_74
z-Mpgo>mX%pzNB~I=11_niEW#i5Gg`8K6leUC45>7m&Or&dhAra1qga92+wN{+r$}l
zpBwpd5LI_N&z!RE^}xIEztr$_gY}Z;JTUo5)AO>8d~H?q?%!xO*v5*lFPMxS1^|&*
zIrIshv8-HeSsEJ@o@9J=y1x;kbdFnk9)hZ}YMcZP8RqkR#aw@js09woL45E@x_>Xj
z|4nat6$#Y(VU`MnWm4badr$@7zu0R?o9>SuEC_3K9dwZp{*HknqW2B@OL?)lXy#av
zFUygmWFm}Dj|#zo5!XNeC!x|R`QK#Ph+HZVad`T2RVjoV<7}~S(utfx&O*AN!0dWa%1X|88ux`Sivx&(fPqfdQ4JDE
zk#8Ddj`GWfP0}Skt(}qQtIGztKW3{}gB~?*w!Yp*#}SAE1#0hB(8rLWVj>sd)XOE#mUZbT^Fo2tM8pk=t(oIM
z%K2nhb*MM)wV=Qtf8U53#-Q`xz=IZ6g#y#iq>XM|KdA~}rH|bYpSR3zN%FEjwVh%9
zmJ1+!mIucA8N=C4kb9EYER~9)Kk798i@B2}j!f`F&;|T2hGO%|$iU7NjU$U>Vo
zBsS_`in4l0JK{w>*~`$xInwZKXYQH$(QVU%(kdf*Z64VEW_aWNjPXky7Jjh#KTF&#
zR5F5W3FlMaB$y;idRuld%9C&*FB&_1BO(hgSEez3gF)3Ko0qA#XTaRL*-ydaTsz9E
zpM5STGB?(#XoSJFEq11kiemsE9Sx7$N0Dk)JLeuw&^K=V1U<@Le1u_8Yzg>4!W5Re
z$fz+OtP`$R2G(8w_3N019v_?JOk)NEBhwTverCdW5(0pQ#wZ?_X2#xLrqIBN+8Hth
zCb6ga7o9a1m;9SlOH+1dvz|&Skj{bq>QLvz9QVctdsK`X`zroOiJWc;PEA3M>62P41zI?p}-=+MNP?Wp~Svg!c^Y~x8GPiAIHbDwL(Ztd;WgHR}L
zDViUk{f8SIGFd&;1~An+AA1B34B~uj_;k`eN282$?5QdRGhmV=!ZK{8@r5(>FO~=PIeR}_zl#M|HWsH08Kxz{yas0
zTnX`b%?GjhDPi2GkfhOE)1lRdh`bugyO+f)A=TIp4d+M18&suhnJGRYn7c-T0vQ_E
z8%T#xk37@9avj$DMpM*Ei5=U*{coj?-)XV8q!4nv{qF0W+r3Tzo3E^h3qhf0e
zcAY3D>lF1gZ;5S<7aW0h_oR%vr5Xd0`We3RL$YRSP^5bc$QbK0Y%Xgu5RNeA1|;8IniS@iUh{$f`Ygbd56|Z+<4J
znx+WM&fdT{#8`?;*Rc#qU+>HaCunS<@91HduDRJilGSUklTR{>t;Q`uXqJ&;8Uy@^
zTg5f(fwd&T);$XRdW;WJFFM6c9pqX{?2F6?2Vq7HV~0^bdiq
ze;DgDR9f~8AMnL$GqIE&)5M!l2PG
z34Hk1{~*=mKxMHs+TuA|axmu#)@&?rkxn6_75$oBd;cp|hMLs5H)pq}WN$qN`n|uI
z1E1)X6(6D=8fIQWA|Ax0iUq+CuB%>clO1~0Zl_!s&%G)%-H!D9%otlS!#)mS5wF*0
zM5z_OTFQ|BnOhew@D>f@c_;O+aa;}^n0HRN7bdvUvut`8z0nC1UIO3$d(uvUCK8X+4!OBP7oN%R;gWA8G#*{8)p
zs%9SJ&JeU0W;~OaQ&}WSTB^r{VUUY~AZ^Rv%;x4mCL^Nth+=~P;mwU5)&FpyBUxV>
zYgwfsf(e3KpnwbmVL6a}lM9iia@M&xh2dqY?Bnh1utJdwgxJC`D>EZb>fB#CR_5-Q
zz1^{KQNL4z7ijOYfxc>$HC_{`sOuLl_PYA_FWOL7LJKbG`*n?M?A?;{HSb-XS4Qt>
zF?H7gkrQOXNaYekbwgQwnnDF@RVe3eT5+^_t69XESztpi6x}{D>Oa`=c)^{%{1ga?
z7w5YT8@DzB5TQ|nc5m#ziPJFib#AD{c7Y0!mGUM#bC(y2{gW$VHLTPZfdakEff24u
z)$0@Qh@0~|9+0pqcpW$AmsyUgAE@%K2sh#s*WdvVZ?Iy)r;?$XSCu%7%g%aD@g+n!
zo1#bVzk~T4p$j~(x6ObSU|DGBDVg8-N-Xrp#{s_XP9J`kl^Ywr9Kt!~q5*~Z@VK)7l
zo`{><&r_9oV!Cy5(W!dT-n!xEeXLzj8Ao@zaIEruh!Pos8Th{iSva6Xu@&qk*?#^=
z^ZV)nW3BNTHu7Qf3eLeg-X2fRL_y2XZcAd9R}ox1i=bxi#Z84Ggy
z>g$^7@-ATpsj-Q>r(v!Ajlb?OU*1A28<$MuKPw$m$=6?lgD4SWLY2p&6&ynLa!w6~
z{zI32KXg!YEKZm$c<7C_Z6-x8081eX_GY~zLzncY+8OCV{nxvP{FFi$AN5R5{#ZBF
zyq~9vMM9jjha!-s;P78xKKx1(818LTa4++p`D9la^JMNe-VyVFsnjzgJ%mpQ?>|0a
zWbgxo(Ib8*CK)3_Vf@Fa`~;}*x%`Nq;z`NW0H3GWK^||LhQ9>X>$3(eCWU5Ruh8h9
z{+xP^{YN)F-amJ6ySGBJf&ZU9RI#OCV)Av4_iKaZRnLu%29w{_q%H2vBSMdcJ`p!l
zCZEdFwDJxW2l3zXF9SaJ*~9#~gdRJJOJw?g+30!)C&(otbZ*;7m#B;^1v}2m8K=iGlD78odh4
zo)u-MC)sDPr0rH|gyD8cN0$3~Pa2iqLs5Mu){*cjTh+~=+-p2La<@{f{uqR_zBbK(
ztD`;O#QI8kdtPz;M*q_uobW1T4&gwyaK9cm@A1&wWTff@Culeo{VWS5oT$osnLU^6#Z(=N;xRK
z!zSN^$EjUmj^v3waNVnAEG)1j2o-9+pmo?jt9c8d%;!Hg>4Z6j90o`BB;biq((w{aVq&tyEM_W5aAa96n8`P8iCm4cCQdG*Z1S%IfC28v~O;23=YxSmv_wmlFu|R@Woso
z>4-2;Pwf9@fKQVH#bE2GZZ6WpM*8-D=?SU>^H0JXGb)&_ZM*8{Aw5b?6@rzZ9XWPk?5&lD_z7OUYzGV>^kd)hf2a
zJWD*SzlBSh6d^96NDY-8F1@xpWY>#HqLWF{JYCw(LTCMCylhSd(JzwbU2eAh3XjOn
z*wPWwcMdw>Rr=|s{NQwM{QO{}cSbhC39H5MSO*-u5ntIvdSEgV&MT|qm#RO5zTCg1
zT(LOTb7_AmMiD0j&zukXHW^0zWZjG4%$FrusEWUMmWr>dSSd$tCR>GGn}UxQTK6k(
zGNJ6k9t$3Kh`F(-{YRVyWOx`1SrT;^J;~^gSD+q%-Fdr#+s)q_Ga~RdpT0
zDTkW2yhB0^kf2k;>KT^y2}XS#bH`KzkG=5+cn6l_+(l~f2b2zGo~ujHptLX3Ft%$i
zSMKCXSU=PHSV8O)ubLmkitWiDT8a#PZ6DeTa6gt2rSOy2CrRr3aD%d4S9|Z$4p!fN
zz9b}~vG|3Xv$ewQ%No91P3e+&A`o-is%1*HA&>+lo;Ua>`fmIEGx9Jxd4L`tmnj?f
z!FyMOdq>K5Yp1Ua>)c@lHzxBFH^*a5Noi%ln9VBtP8Bjg!-=7u8m{+B|3g~|pyq-^
zKXVq%|1Crx=JVy!qsH|rOi^9L_@k-hzk8J49+5i^sg6+}4LDV`*Gg6UX+$4f-y87)
zTbejs&QQ{7HNJPiMvru@19_i@`6JNK$`~tUU4Uhr?_Xyf$5gKcoCjZO>)`OgB8C@8
zj3F>`Ei@Ewc(f`>t2%s&nuu_ROd}*ewq&+B&Cu7;G?Ng7x;dyzCKw>*Ga7o#)>7YK_O}gl
zQeBz2Tw#$j_CggQ!{>8<+;q5Dat!?L0ioeO4O|&qr^
zv~(3!7h|c1Aq*3lAST!ppBe6E-Di-`u*+(=lt%B3Ku!OR3{qG|$^(5<@^8C`CBCty
zFB@L`(x*0TC~B$ahKnZn<}E^YeiiR`B2+J*BtfOVz^4ev;Z*-)EpSP6B2`g>4!I3h
zGNHGs^-gKe0jcC@EFoPQrI&SCE2>tJbif=-b9?&=Q;8SQbN5vXr-
z@F8hIQysI2Eo=6NfM-V>V7SKmqVP}%cByrnLNN(%76m!Rb<_Vsv337-$k9bi$Wb_j
zP<1lvJ5DC7T7q##)o3RELf2NJa;!3u6fX@P)xW?9>N={&jve+^0hD@iU^7~6oP+jft571oG&CJZg
zGB;*Ycxk$UKKaTlHGJfo-O11w$_qM28LL*d-***K@-EARnfmHqsddyG+bb9cB!WXj
z@uepUj!05ACp6Q^ED;q+sDfv)=-HG}XJFppzc_^KHK
zJ+|J*-5VAUzk=HF578*V>iDmLoJkRB4Lu4+k{A<|{A#G$-dI%L`;lx-Mtk^EUGo}f
zkD{wSz<$$Pp*T96jW+5}a$~X45{651nNEYC;Lz5ofWUG*mOD;W5E!!rz0;TfnnXYV
zhjVI*vqoP{L%rKBLsL0MJ_wrhJk0qv%vIX9gpINpBJ;a8xNBu9gZqwjyd^V-w11)f
z--cLu?*OHJHRg76GoRu)6){PUL7=DAEvKYLREArknDW`m^(Qc7NK0OoK$?-J3U3*L
zAwCW1m0zS3
zj7&&0@6iF}k7|)gla5{8uS)!E?*LM$gO>L2`*MM^B@}aPsVF4
z!aJjT7(gur>!kH*47R4yMZl+&(A^-egyJkj%guN?so*e2ZZ4`Tv$M{|&n9AbGGT$Y
zSiiNeXdjrDzXm1pXR|iLu(jZ}WzhLCpM;deGA4&cY~#I$%k=gREHD(<{jfq}%&F_o
zRasZ5B)LseRpm&#xuC9V!kJq@sAHqjyx^
zP}U=a?1BYJcy2ws0OOpTfE)uNyM920E*o80zg+FO$#muNb7{s_2hCSAW8*@L{C+2m
z$^I|(h}?o~tOP|(e~7y?kRDK~n(n`e6%0sahRu$A^SPMMpQSn)upv@
zq~z|{+VMK^Tkxx}t6*E&ZCSG|-`>0sRM4Xsi{*ADfYSrp!x3Bgm9*Z%=FZ>ms|7~9
zn0@*gP0B5QSQar9Qn>HV=&6|K=pf4=W1AV3Wpw5k#4-_PW*edGBKvro+3VwT%`S4Y
z&SE4csH(G#m6IE2X)>Z>v@$vGM8pL&l!eE}Uaaz~_r(B4>0N9+vT^!rZ1&9K<#oBq
zT>UBH(-XRMITH^K7iFg=_fNmWrCwGC|AW*`4@Wj8twmAEFR5VL?c1}ct94ZuR^gp
z5-l8ZwG~ut>|@J1(pu_^gDWe82ibuEZdT4t>%vL++l-i;sJ1@`?7kpMhz}#FWGf|G
zSaz*0eT&&C3`|TsfVJx|p6fqww9UU4%wwL`<^0LQ!pa%nIXYBA`$I|8l%a<0*{V}D
z>QXu!l#!ZFxW+5vc)%qq6zZyB1
z8C9^eCiGFAWLD8=(2x+uq@VD?N*D#<-Z)|@LT$G((}_>BdnRHd-9HIxITWkVYGtU@$OUm~N=iyb^l&ybdcSu}=s(}T(CCozT-_c*b+qU8uZYR*eLDpU?i(4arDed9J~fs>
zdW$n!RS(P`I6_p(4dZX$(pD^o1(Fmosjiw#B)!<%>PE%HZW|^fU93%6_|j|`?>OW5
z#w@lPLD~D2U?Jr2HLnGmhOe$c;(?zX%zt|`HnH=MIM_KHSxMdn({iwyD!~Oe$k~
zsL0n?rOdO*M>NbwU&SbkyCNpF0A@|Fq{hv*U$qJJ2in4X%S=x+w)!HB*_7jq?Y!S;
zA{h)FC&S*^wrQ)#i|UVmN#}x**0^myn{XcieWg)}Y76Z~O=KG^<0qVaieto*!-yV~
z6l9sYbS(lu4v+9Qo@ao(>goFw?UyyoJ#}6WI$o(HyFzvbEFFo5Klftt?40je9HqHd
zRO?%sCk@j6ROB$NC*yHEM9WW3+OcYLC7nxOgO?I^9_Zi%(>>5qD)9{+^|<{!;mGqD
z_jhnq)%7%RYDV`{4uQ0L=Ol^RsyLPtPU{^mfsI>!g!JrD--MzQtlEnS4dcS*cBcOx
znC{I&sIsYB|AuwiMmh@fFa=|k+}*=E|R^qiOSAu0fki!<~3YYwwCZ)*F&%IZpW?axF|SQ
zSba9;oECb5-aAtXD`KQf*GXt*t)Fm@y&m^Qo-|3<>LC^ZAkaxf#}H*RtUlu+=ELMU
zM?R88sCgOd^VfIFr%j!=ZTLE#&ZwK@x05$wtAMzX>(>
z1#nu#l=hYtIO#(C^&Gg?-oJ%-k;SrX{>m=!bnY8?ZEZ9mch%U(bXV!ENN#D;!3*K=
zWzGD2psURIdtn<5<~dUdC(R;blx^bZz7O&^A|mBn4v6soF?CtQuJJ<6Q*j_iS>Rsm
zQ-AXlxQcxVbiFw9dw+0gEQcUN_4rVAEW4|U71~ioM`P+oRT(Ksp7HJb)m_ggQaB8B
zApLOtlilLl{k{uNzFBK2s-`Tq5B6n=uM6YJc9G^IBEr85@+`*l^j0m@%^WyQD@UkA
zotF6)rzX%mb9W*0oq_F{F91=X28ak0myLT<`u(b;HWzn>-Gm`f=M*=F;9}~TDGyJ1
zVW1*?I=44Dh*8}(d-FUbmg7+2A=%u3#p;2O#Gs#@b{U}*@8-bT5UVh=?^Z@`iK5ty
z=)!dq=GHTPrX|S7-8BpCYybIIri$_jEJF0>6KwMLngb$gex*)p<<|s0{xN!Uw_C?G
zcayC}CHI4T2KqSU51b8i%JDbln%b1JUovU^-YX92Tk;m-kL2&AAT)`TDO8oQhgTu|
z_}cja`0}#Rxb%-x9Kaa+no}!d=L79&AVwL49XU}!tU&l$8+Mbx;)q&*g--tuPsnI<
zNhHnSWk6L~FY!04<#1sEu|Tj(H4Ll`vV6eJ^6JoN|GoT`jx10umx?FDjYStV6ko%3h48^6NL1
z)BI+zk2xS0*h^+>jvCGJ&Ihh`@NmLPZfuCYO5UrTKY5X>14b^$9WsCh^C;wcY2rtK
zRW+<1%Fd}BnCLypQ(5!vmU?mpxj@RqX`A2Ho`}%{(8SfZYeWSNrHI?xF|q_qRgBmT
zs(#&7RwkGPD)^OeM=k2ot(a@#a?L^2E3B#j!bm}fS$#>}*WqSvSUn&M=?-;DU)cJ;
z>5rG4YA5Lv=1YN8dxs_t&aMGw3pzKA3S)Ca^XNMFkFa&g_e|ZLnYCj_x8$_aykCJP
z(9oDVQ8~NO87Vnops$p6Mt#`Ie8B~g^s?&~CINH$c)2#Yl+0xOd@Y^6u8nQXA~#*+
zQ-S4(l=F;9BIcso8$Wk;WbUV!WJ~%n9|mgG0EFx6_8hl~jb;mM6?F6SQLDS#8oaJO~)WmD_dU~}0S{2-D!;W(g;yjgGr9XgL1S?5*GlY>*-<8Mq-Ix#}iM2CW
zH0)s{Ud0>{DWis-c8B?bg185hBvfT(8JZTF#P2`u!pMvhP4oz}k4C!NDr@UJv2njT
z9S(j1zd4}`9qqo54Q0vD^Y&DO1@->I=1mf_DfIv-}G
zy04P2!XSonaSn!Yw<{~){(+^g>0johnUuNO>{(ElXKHexzBr+&Wp1M(J&e*VFbqn6
zIM36Oq$8!AWF0RSG3E;Czg2^yW9*y2Y-|V*4~VbZYg%_heQPM!A?m0nWhU*Ss;Vxs
zwk@S#@O*%h0T4FW4((Dy(J;MwZx-d+C$@d%;1ywzQfVJ`Q`1&POU()o@9L2DL^pHv
zxyCmu7aY^lN_{}8sn_95n$}$-1lVeIDa|UgEw?cK)h}RXDMp~9o{s1&8I+5P5(z+B
zj{Ujq{S_EqxwWzuwk0r9V)X+df{PVVN`}F@gNJDn;d{H-Wkxfz=>;5J
zA~*jIWvRnThbP4$tf8Slk?upI7$&B?x-^vG(jKu9-K4cj)`~5qJkJ!+wt#4O0aG6h
zFJiuL0_u#*!pjg@8b)@$I|`Xo`y$OrXFeu?N0+L;@b!;nl%%~J?~yOM6dI4(oF%+6UXKCIfsGzp
zW^Fv594(CEs31`vo9e>m>x*;S$H*UWAPbFr#`P+%?b6(m5v@dfEE5KtD|Zr}!9Zj~
z^`y_>4|sHUSKV~#s0|aXx`Y`&8T?w$#>=gb$zX+(u-R6|hA^2W+#bL?fO2Go-Te&@
z2D&!`0+q`@w^;~bI$-BWo`O2W=!+WasC@4FaJX%wh-sbck6gg~S+bHby$iehJWE}0
zgpJW^J+_qgZ^i)vC^Z@;+bivVTFq!M
z&|~9nabw|Lk6nA}1x2+Lf@3E-BHNZj$C9&z!9*EwV}^164|!i16-T#r8Jr*?Sa1o@
zxNC3?8r*^hhv4pR!QI`xad&rjXxtkM?lAq%z4x2-&97N&{>)m_e|l9{S5?>PQ|CPU
zdG_8%`s&pwbpQ&pemaiJaPuP;p2kf5dKhP8(O39TSS}an+ublsufkL1KV!qoCS!7>
z#KfpBAt{9Rz_W>yoZHxHpqDl8bq$bBP{wM6wVejFLPJDHX>M_-mooJOeM}4HFa@7a
zU`+%rHX=M6UWgy5f&F@EZsQgi-x4hByn*4Fab+*e^69mmTaU^WHyq-J=XQ#{Mb$znReivol4p<|C9$`bU=kIgx)17$4
zb8CXR%8$O~16z`R9q`kL`7buq<-mZ>_z2PP^}s0j%GScaJUi1vQd;&fptJFDT_c02
zZyq-7n}*v^vOz49&etxek~m1!t@q=9dke*Z6m=KPM6JF9mz?6kAtB2yQiA5)LBSqj
zL{+~BRpV*28gGS3V-B-$){-f15*{}^jw8Ip^$szytFQ;h*-JTQ_^R=FSq0E~MPD1f
zV)$@dW`h<49wnG;L`Y+(kW@y742=K$B!V@X;VEo041*|Uq22u4>{R09ikT*4Bcqk3
zH@QVJGtza>P1Q#h7F1(?{bB8w7Al-z`0C*!JopHK?acVHsTn#D%^yr?@?r5zzi5K~
z>fQ_f^-@93adNTknK`iO?W#^+K}vtKe;(_js#M#R0no})qU|c6_Yimo#2v$iv
zBBJy(EqL>8Kv8i~56uU+KaI`J^|iIN%xpDwb(om(*92WCR>n};5J{>+a8XK&Ns+0#
znp$#lvTzMMt(9d04`)KEc$49d!!xvv6;zCj*76IDXh)Mlux)61!ZP~a(#_fWGw_FkL?3A;%X-il
zvp8ng^&~b_NB>}CXGd^3$_$Rzbz;}+txZ+O-4n4j`Fb;Sl632e6tecK-9?tX51-vc
z$TV*+Xq--r)0a|oT@&zTpDVIxDIptudE)0HA+*`w^F
zq}DwzbQ*l6p<^|bcPbrCF0z_>-tSIZ^3DkwF2|;aSD-YPqR!o(=a{;7ov)L4X{`-0
z)xYtuucrTgS&?N>%yPiFxEc{ph`7PQ^K?6Zb`iRBLHkQw3xt*)`o&(nl7fFJ&HbHQ
z=Y6LS?f!gQ(f(4tw4!nU?KJ;hXfzv6w$foJrnr?g!Q46W-ES6ZtGJb!L=F?iox{z&Ldag(uh_h{T6oakvtG(|+s
zKJ(VT5Lrtexfc25VRSI?f%qq8d6&Rv=d|fZyrc~b)YO&)nwdKN$*pTYrGBSAnidol
z6|SEAd;%b_*Su(rx$?CUekm~CTi)g~ymf1Y$nhOJ=R
zog=83Px6#kg@F>5T1!Ysn7<+AccO7~I~(qu3EFR1bd?oA{U~d7Kfm{I^yNX@Ft3yJA_PHx
zv{hmNP`oU&-ZtTNl-3?>p`@f_Ulve5%`hVKJ2X>f*J8rjUh^PLZDR}G!QMU{{>$O$
z`ifeD}K08Xx^NU<8aUEajOC5VS
zvlWeP_k;h`dueieN2wmT0;A_A#x^q!)Hzr=Ia$64`bbR*lSkdE-+flAQT+-p(iW{<
zUsggXKQS3cuyb19JcXCQa2LHaP_mxLM{cab8rht*8{~~-z^d-p7y1jUYcOY9>8!B9
zC{g?5FiFC|5g3lYES88?RXH&;XfZzE-AYl2<6l-VTTT+bX8gsOylX1Bldmgy3hmO4
zg;VWI+l0%Nj=c-pP8FUJDnwXxT-^Ic&?H3zoemRy$s(2x>*yCOkH_eY
zkTH1go<}En>EqrV8=M|#jsQqn?y>%h_
zPe`#(;sQ?SW_A&2wO^`OV!j)_C8V5^0m%WU$_>5vYtBPv&*|$dqp7;Rt|KzvTEBBl
z3)L=s=jrI)PRI$B!&Mkj)Q*^?JESMKz&CRwjSYvHP~}AGb+OLa<@Px}s_EO*Zn73r
zRZ`xqH6itb+DqwNO!-w11>d6#*CS?#dMktPw;q07AmXFLjqRj^yh$;iEM|lS?e@t{
z*mGpT@7tVK+3094U>LLlpH3TkOcTYm(B?KwVP%JUV@g`VuL1Ox5g##b-h=#*TjnXdgTOm5;1hh9_}k@)B?{qpd*
zBq&M2c;`&<4YUx0bv2p&z37&>o3@b^qz&Fpcjma3%v2BNQ9hLgdX{Ik{3+(NRFsk?
zQ;;%;TFQfi7>>}hhnTzLgV>lde;$2O!RBy4EG1(CLeXfa$#4p|DTg1+)Rt2iwnt}J
zxqzMAvO&aG;9nBD&Dcw*#Yx8@DkHuEi{)l{jI7$1ThA9hq*$E(cqxJ9Trr2SI1u`m
z+lZ=X+NCOu6ip@8%@kU`WtkB|1No+^+UZ)n(3cPs+?&`@EIPxUxnLponSssy{r%AM
zGNk-~rc7FU9_esCEZ9xKacoHn(k|L30b)(S+R&c8r`+(}HH`r^1aqW|$ES7~c`9Q+7PZV>6OtGq6
zibRPHW(VnSRX;PlfQ+-s5`fPVn~j~b8~4x?$Qur>c$jl=XO9`MwHnJ5{r6ZL0?ee9
zZR%IkhpYlDp3LWiF$62=Nc40_>;(O#feaIo9EHZIwwK?U7AQRW76^u~has~KVtIH@
zyhKXq=CaEtyo#&8M+jJ|ahyxdZ9}GJ40tqZE=(jlJFVkhw|rIA6%ESxQLU|wtHg(4
zFS!m`W68~o-X24Fp99kIGtI`NYd`b6O@zweFa;>DNr1}34RwsYwW~7VsS%#Al3wGa
zcg*G>Jn*G;YNUwfg%>(Jr>xOgGE&EF_KSt`vdLyVFuhd{{k;0)VvX03o40+adx{lg@cEygS?
z*tJvQ{68#3548w=4Qtd)7HBK5-~5x#!o@m^QR%9`8H9|(h!m>RMdNrsFFSNl3h5@l
zPHzmnV*Ez=ZE--RuE2~q=Q5J7iQoR+PI+;|&FPC;ndsKPgI`opG2{P$ihwhrp`ArW
zV_T!=ANP<`TViV(`A8fv+4h*$+JXuaptwF?iiTo`=4O$G*Q7?KYKW5?Lpwe+aN{@d
zlgOgTrM5@}CRji6e!JdH*uZj7*HRAet~mVy`r)IM=k^QRB;}E25}Ix~2=@4TcQ-Sr
z^UGG5q+*fv_8WJmqjqpt8^2O*Xf8iPAha{F70AWtBKVt_CuIJe-|wcRpoH-
z!PiwrX3Q50t>&WtW&*R^gc2gLGw0MdwlZ>@b?|Pjq8uGv7@Qv;*<@fA;P~43+sw{0
zbyhba8#8l_)6eoR?9v%EW3%8g4^Q1}CIR>a325+J-*h)FBvo7U$j1L)51s@-&$AJ@
z@#3szGAMqP82E_}+=f$QGY+BNokAc>)KLXejpB>gbcY+~44BoZMmjn=R8#Z^VRIV`8p~bGc39qdP6D8CbhPrF
z5;>jjKSfN{k)f-7Dd~>_x9?OOY>%t})b@Cg4Pk#MJL#J9>&Ml!who4QO+uj=nEx&S
zbioS>rR#val_9Q3Zr*7>lXYS;W0R7SQk4^QJ-T<+sa}eOHzoKcw0#bT79BG
zh`8ruH&~M*{qv=^HwCZXrE#HAv8ZSNXY5vMczB;xkkfhr%iSPcC{2e>B}e6HC`q)G
zh=a1mm-66~y)Q`%=qAZYNgAQv1Y3+HDOXPipT@f>Ahf55OR|zZ@Q!8TKs0NS^CVol
zkEc(=^3I@Vl|@jc9HK*tx*H9zF8s~&}4
zO-hGgK{#k>v$3n@%Yp4F7jhrCm$7`k@JAJtNqMG*BHZmD2KuL#!I
z7iOod!@a+-T6NJE6fei{e<6s)o)PF<8E#>0cl4-9dy1ESn6ikW$L
zUnqb3AdYrl$0?z8c9)11x5M94Zn53y))iwKiqo46yCG2=os?3Ora|eAidPL)8m2zu
zFn>8(R67frLNd&0>eYK989JNws9{&z>+2H+$h=ex=<>SmPS$8;?ZbU*oN+bv1?Dch
zY-Y7Tw)~+pISW#kVzwPD{MlBvnPfj&Nk(4_ze|T)9&d!<ym*zFnNV&
zO?s8&t5{Ik7?EFDX#JK?K(=>$O;$pI+gKs1_AnX_E?XXmKbDNawa&A)*it|tj9*C1
z63HIU(?l_LH;9|gFe6UECjcLV%?$GLC&}BztZzew_P7Tdv2_m?u=d>}#M956v8D-TA
zt5vZN3#5^`;$(v#NK5^0w1_cyjH%qmFp|^*32R1XdVrKgcay}&KY4N)>9~hKQq(oN
zd<5bWrHT~z3kV7XFC;^vD?eGntIAQ48>Z=6k0m#uz)B^UU+(
zU=|+T;ARGz@djyKb92UHdD9FS#>Zpqe|XNtfkT9aQQY<1R6KPpwWUQ+Fl-EV5;tb$
zvS5yT(nIAe#t|KwSh(!|+TKWC#d(~~JL}o!ac?Ne>IlIcZNUu2-B3Cw!uDXXS$#$s
zWRhnRRMfNgpN_*h8}tvWWz*b+uH_1{_KrEr}@}3H+
ziX*)Mi+OlgkPKTGSX=x~-(Y3sZ{y(t>1G`C)yDrl^}o5Xbs3S_e1Cnt_NOh=g=?|W
zqVifyqHHanHI^$IV#h9c4sl)nv#J&`*Rvm^)yI)w;wHZE%c7U>tYRX92s$2O1N9m0
zmvIRV2OS+}X-V1e5D1pNL)}wK_QESMn2-A(_*eu}Q8uW$ETY%fZVMIBRlEZ*K6{a!
zLqLDlmE?GP3QN@y-cQRJ3RgA~R!SZ`MMwFSEqErLe0+Q$kVMyEQoIubZdT?_PTcG!$i9yg
zS2xD-QmQ-!I;o>O1!&(|d~|+sZfO%)M&XpSsE1BaLFaV)qN;F}Xh^2H(ehnXOi8Bt
zMzAwcaV9Y_5wqR#;p(_A`395U3YEhsuz8A@-(%)cePPf75&3pDP**@_E_Y)e0^RDC!=~j*Mw*YlEonb<~}2hQC5$10X%h
zR$c=;EYKnIpwsO>DI@V|pG)qf^^1zNoORtl>U1)Qhfo^^JqjSOxuw~yxk{U#!BBl8
z9M6mqkrSuY6SkhRo0J)`J%U5t6VCEsyabEjF0LxuMp|BB@`jPb)>H2*(<;Xnz^e+$BYCdV0p3KBhFR8+t+2k2P&
zZ!x|1vwZ|BViRV0L`f`9k&=9NNyr$3_&dfjRsHZWF5XL$YJ4LON;p=s(%Lt#xEGmX
z4=nQ8AF4qHTu0Lk&M^vM_yXdP=+@s#&r)7H*84jOkHB_>|I
zrGfyW-fY%9b=@w`jvo6H*jP0&gZmvm`CjVJY5^Cca!Cqv(7J~T;T5vq;H{e4PaXHe
zg;(jfhBcMhxj{umw!-9N604Anz)6|aB?Wh>gy3Hs+!~K`2X4{qOx&WO3(IYXyGxtP
z4JQmn=6^=CY&vec-n}2r>=tse3PXd)TsoDnpy72;6-)pTcHp$f5>dHBUWX2ml{`N7
zk8#Ti1bckDDn$a#xXdWMt4eTchJHjtfm_=j87)pGMbjl;=`U{7f8Q?ZmVoewyXI{9
z#^#)~T%SO2CT#6Li5#P!=RJziN&$Cs>Pf>RcLvaTc_uTiYBe!bli~Ssj!NQzO#vyt
z#V)jMN`_UFW7tV`@1Ns@5E$aCbqv=I0o>&jxP_e08*3dN_duPtx91BcImA`|2x;i5
z>B;$x<(7&7kYdGEn%pn9kBtq?%h0ML+gU~)+sfImC#nZz7w3?O=4o>dfA*`}Yvosa
zA3@lcTJSbtt4`rJjF=wJFZ>k+c^#OIAqAbSb)Sr;C>x8OC8HKx-DeT<)K-*sk(>_&
zaa*=47pilI9)n=R`2^LL8&8i#HT9(>gLM-%@)aJrVeu|jzck9f5Teq!ezoDg)t#{iv
zU_~A=&!=ZoQyZj2$Wsw)H#^OGE~gzyA=0&UXn)=IxM+VGoXp(vJ9EFD;CcsO5ypSU
zFmZhzZZfrjM^PA@sg%l4u`dH~PpKXh=$LLEL6;CT2ry3G+@1U`{CS0?Fv5qXyi(O)
zfnS8)i
zUmcMAL0d~J{Sw@%rzyJG>zpWNJR^`_dSx6LvLE|k&*6J^oF^~keoJT9w1JFd4xztmrmzk85{VpE1vd>`kdX_MV
zs6dw!V1-#8v7m47kuokrRk5SV@il-fbxE`vr`R5kYF@9eQ+
zM(D%{RrQ(n-&k_6;E#g~yUnhqHf)BO{daz1c;DBKj_hZ@tmJKL?zAs3mZc6+1Q!Nr
zjBY9?vkIxs9!FHis!4L4QIdLjwxI1i9vPv*J5GeSbh4q4wpwiAiPM1U*lsr!qu?yg2Fs!6_ZqM&
zNyGsXho-j2lUbwM+WsOT1*{hC#W+Vg1hm|&8M`!g@+sgF;qGMSRm}cX0Q_n&ECuj*me6d6>+CckSo_d^wU16nskpm*GF0#17}c!)MUs0`
zmlkAdoVlBJ7~@CrOW(k*qQ&o<-Z`MSUZ`oemBGRvVm#MHHk8;-bRg7r;ynvh
zWzrlw`bAGwYRh#p9=bqKfXOr|MPgZisF|IERTFIZ^&$U{)K4>=XQomLuWHg>xz{}?
z0b@f3io!1)_pnZUR?u^CJMAFH0fCnj^geb=4+rmr@a<5ovTi%c
zAGQiRZ8S8G3J@ZN!9Dh1S~%guWr1t&=g>x!N$ZlmY3QP99pZ$+V!W8NtKm+gXI#AW
zGvgtzt41kLTNP>dl=RHp)OuI5*V9!L!#3&JVjhc~OgKiJPERRjX0$r53*u6Wv8BJ%
zO>w4{N|t%$i<>)s)h7rP#u1Jkv+;TUWDLOf
zn*&8|2++I-sDDu_Iw9+q`}mQzY&AH*L&R$YN(8O55E?cxWp6;qb})knIKP|=I0L{v*i?cp3LI6>2i=xdoQaF>M&jHCd|~`aulAO
z;Yjb$n^|%nGthRDBVSYK{`t|d8t6Z+V7vs)Q|tV3aDnDZx|N58s{jubvxWmdYxO|7qATb*-`#N#NUGaR|fF@Yqpjq6-EZ>4bH0e
z>)txry+8iDqXvj26|o+sSxdHbkg^EFxq>u)8%*spa_>T0puW`@{VD_q9S~l`*@W6Z
zQgbQdbAcDBYnPdJ-IaG^EukGh;gFI$%I!kbwea0=lT946r5!gs|tS|
z@(9c~U@6HAENqZd+Q*W+)1PSr-oj1QVd8flnmv1Mt9ZIx5u_})E+y21r{^_In{J0^
z9c}knifAPwg&CcE@>SJcF1Lu(Z{eaLj~Qndr>#Z@stR74#9Fqwg(H@0eR)xS1Gg%B
zm32tE0(-8!GvR`)HsEzgriy_m5f^-1ZifvUi`?Nb#R`O@#zEbTseHQYoZ57Yo&vF(
zEAO+!;ybJTcBjEoOBtDEZd^*gXcpGCv?9i}lj(BOR*Sv3o)Sbb&iXuiTLQxYMX3lQ
z4!ZaL=5T%PwzukWr_J?8y0==|mk(8!IuW+9jZcuDhqdui7`K}CGq)T;c6z3shK7!|
zHX*?}UwDPKJj&MyS-GhyU-XsH-tpmK#2^toJiJ0BbJ9!bza?t1Q^S;l!9p)bN4SwZ
z0&M)q(lE!uBWs;tDD{l&bcD+sALw}ap2C5`)MGr`@9e|gU*@g!O$=PkQd+=5Pzxy#
zK8CKYIFL758>is#vyrMRZt368#;yjQ7>NX*(SYB$S%QwPTB|=KMkqh3@R>k!wd%wR
z)gU7y#~Vs=OcP|MrHR|v+8bbWXvCOk**e)dTUw$RK~2FHAT*?9YyI-Uq9(BWTp2(J33?3X6+-WC
zc!)$g0m2V5F5TNBXN7tc)#reLECV$9Ltb96NP1G}P2uOn2Z(Z=HM%NJ`G1{cx17Ra
z3*j-~*T23EDW&NC`#`?Ve?-&6+5e$wHM?K8|NAn2o&Vb+7JIRHgoOQ~SysbFtmO^F
zViJN3Mf$kJ{0Vl8nA?adQp4nP)6+2-85!_yYEYHR%F2DeD-pIerB`wT{3JYg5l=#G
zVIjr(SSVTz1%+;VP0}f1005u>AUW`*{phCoA(5VzmP|NHb#!!;SP6hS>kcFH{AL;A
zNk|Mi>KIa}!8_bmWv$HW9=$g0ttvqK&!-4w6s8c-ch)~jUb`G=`+pb#rI0lQ@cwHD
z#7t2uytnd4&}8jr&bm-)Yw`v|O-#baME+i+u-2c)q|yBs#c>_Y;Cj+F52~q5UIhHV
z^}fMT5}L@dVidKLg4llmmq6#cGR9b0iWfs2#DA`E4GURKg{r|gkQaPJH%d!WQaioa
zgepB!Vq;l#ov`Ah-N(aHn3za-CHW#iyRxa7wr62pLRMN(62X~MRFstJA!dNRU0P-&
zNV6a#tOPE|69tq$*OZ|_%uMDVCumoeLdq*YwNp9m*EY9GNaE2Y%_k|TXlH1`t6nu-
z)vLxyQrz7;aRr{3huI?kA#mM~M}!r_dFDa3khagemg+C&jtYS^>!*iGTB+01ifB&$
zPOVik`U-#Sp+U7oiaYebI+dums7{EH6O}~#6eh_OTQx*yvg6CGtx1#T=eiUu=u)8W
zAE5bp|6?dSvr`eyiv8GMVd*XpXK)*5fx8jBYNbSc8x;>N~2XmwRdZ`1D>
z;26Lx8KR)K6x_4@9K!`m+@gR}R9;!wf=<)Y(vcoG)Y!m5o?K>Q`Frr@wgz~U!e^Cu
z3WI%0XWxDspHajeGmPMWVrgXwdykN1C#pg*>U#z**DQW<{gB4BQ3DU5bYa>_quG8NZasu)@`8J3>rhq8UX
zr(`(0f9W3Q+^>?y}_D)L)RhOtXh0xv$yTx$po{k6E$vy{eMT~`q*R~#HD0)kb~XaZ0&tj$X=>9{IxpVF
zKF{szWTqbBH!7T!^lb|JlX+9p?dMIBHZwhql`vD?V-~knNRM3?FRT9Yq$oK+L0^8@
zz!@B)?%t)8!S#;Bp_o6>%}9&;|LeeQh6&v<%SZfGNRa^-XFg3_eR
zJ9CP@0Cjk9eRI<6oh45e>Ni9f)yAHDzj*{UIiJ6shri+rpDj0fLu@0m+`P-B4Mx+H
zA|_u-jxp4cjCKWFY#S_)lK-O0KWHFFPG%1?4&zxC^W47S)Z^*jNvLOW}rtZza$uL(1ka*~?hb4lf_R
znxAfUy-U-~DOb;l&a5APjDPNIvrybv3XZPZ<#*Vp0;Y=#_k49r)LD;QNag;R<819M
zFsk0!m2aAzu%w}p_RH~^smjMiSGZ?NxotU~E5*VsYPCVrtY%ys1||mX(UE1L;{lBK*!0fT-4&K;;mP~!
zUm0{6Wr?m24sMU>OM(KX@v94S3rmRvzYHiGc9X&?v$F+fb5;NxM3qDfmufh!D)q8w
zpck(UEA5+t3s?0ooRkoU8@>}hhzBkw-*r%}sG}VNT^JE(V#S24i~6DWYoN1%GPmu6
zZNvB6FZLmwYA97qKb$xevAI2U<~Z_E=lV|Rn%jTK7hW@Y*@BDeQ~b-ya4#~~mOAH0
zE6gSM-T
zWbU_qC9BM%rt!RZN<}M(H;^&>hc)N~>GjS_jYcc$-tYcVrkb47ooCghM&{Cak%O0+
zvsn#ik>d`sEj`|OHh-Syjc^LZSIaiqzEbEPobBWIKEy4Uk2voLzP_$sL}z`AvSw)g
z+GCMCw>$!j6S(q_FHIkyAOmWW5G!Mnb*hidjx`~c6tqnHM4fzJO8TH-IVR~c%Xd=?
z5tb|Svzf{$I(DzWgRW_%#*m!YI6474FoXBwigwO{ezpBY(n!PW%$MTz*@)~N{c~b6
zDK76TbEa}6Z{SKVGRhKZ&5v)dIo4+1zvdMt8iy|W`|y?!DCu^iBvGv)zMc8XDd4d^
z{4;7(-28&jN^2z^R8U@&G@Hte^z=wd>p16hb*?z4{Me|XiTR%%PXwu34#{Ybf#kLK
zWl|>cY{7`|Tjs>Aq-Gg2I$AsVOr%V%1FWIGKfdS1tc{(JseXDt?DG;l6LbdinN5X*
zJP&V_>&o;0)53ApDF;~US^Ne(z;g|qlt`LyB3#7L7lV+32i|9aTV5EOk?B7_slb0PD3GPtn?y(pZ06NDmX$*HM>^o^3qkf8xxj)OgmPM#b0GJS*?|_eiZ=J0lMo9J&*?;Wv
zFrO&L3y}yT8}MqvUr(IBPykK7#L6F;F^12+KKjP`d_qX9ph4rrOu}q7`5fGnKeqp&
zNIEUUHFfD5X%lQy>40q{!4=`(bV%sX&tV92p2hoj%ER*G>_PqwK^ptr>QQ7rItMGv-N%fPZwp4))^^%QTesKdC)JXH=iyiX)c-?
z3?0)Icm*l6$BwqC^_qGqa~O=ZRIAbFb1R+b`Swmo2trR6G2MDwl_`|P=7+f!n|_w-
za}de2;qFA3x}4PpSGdZFB4LFf!ym$nNup7!<^)_R
zR9cw7y4-8Tr|7Ayj?$8oM5X1)PWOQ0iZFTR&H=BZ7jxz?0lRJ5?2Ix8VZ5TIV*38R
zzr@3i2lFlDdVhyo0Tc}lPHI#X_?vv!eV3Ra@?YTue)XR*bh&Ic)M+PM>+*Vlk6Ly&
zuZP8h51U+KAi`ddy;j>u?GCW!jjRwZ4hxxjO~FP14Q?5e6>hGFkX&-)G$IX(3jZ%tlwFfr><<+$K$-=EB_RV`%C#A46D`dZQ5IsD>G8yvo
z7m&gzx5eBv-U_Vf>ZTq=iItb7@tn|rl3K6h^CSpr0u&PW39$CFd$GQ4X*nefxVz$(
zm;ELvS%Y(5;~q3gRx?=BDrfWOAjFheOGCf4wke-PoV8s>Su}z#<)uif=j87z=Sp{6
zOaeTmm6ztri!RKs(*XhCLETgaH-K2_9vuQD`=^&-qxe2Wqp!mL3ncy@uAaDa
zscMgO74jdzO8fX9?CR#32+RG|hqS`P7vkE7H@%)CEs$KD1_iMRGZu33_>o8$@{;@S
zZBAAD2Xwrk|JoLEfjHcs&^?9(qx=`Xj);t`QL#Tm&lUX-!WN)UG_qoLGduX|L;bI-
zqz>tIc*$UVK_L69!QvoPcT^34@CvEWmD2s~l{`R)-{KPDz7IXSsk
zhgZT(=%pRSZ%T63J*(
zzjS=U0)^80nHfb-G;dc|*mggS@Ixtf~fiI!ZrG|_olxB69ona|TW_+BUtULt!(LgBkv;>kNd%S8iL`Rni_My6xpLlT9
zvyllrCh<9P>@c4I(8aB6+{r0vZ!|1z@!MUVRSb
zIe7U7%p1>3Gts_~GI?$`U2F3vIk*@86_m7){9-X_D9&wTAynp*m?mFI69{MR(?dg+;cw2bh&G9c9mp2Fn7^@z8S|lnd9QX_JS0>N~n6t
zOZHSG=lKq8c*F}Y%#qpJ9Gtad<`<;XU0(D8u`~qQBa%joiG(?(u!MU|peC$(y
zq^0HOVwY6Ac>$%PTcf+vAASMWg^Y+wfHby`2|HJxh$)22@`FVl^F~g
zEGj3KdXDg(jZj=oB3$Ygt-1N}<1MOjsGDpi?2aw6g4E>_lNMEiKNb8WW$__aBkI?)
zhEJL*hEm4H-;J%T7@Dmuf6z12qUhsd@$#(dBxS@?PT$TAwYlfZ3u3DDxpgI-)Kn=ojifZaHJA*Nn~H=R
zFGd@#EFX&L2^t)9|2-=M{(S<;6$%mU?Ci*_!84ytIDH?!hU&>!wI*|eoxjCFjpG5W
z#i5%s+C5e2ZOquaNL7@d;D116pW9SRNDXYHZ1zfOsfDucDz7c0XR9hHp{DG_0(~>C
zM_W_y=Y&*AyuEn6fBExpPS3^RM2a8m@2hhysfeAdzwLELu1PD++*x1Om^YLYiP+Fwj`laFdFpKk`(KowCIO9-R>I~^8Y~|eX!C2!+enTNPVYWm
z6`9O$my%w?9@+6v>=QTv&CZF6{Bx-ca7(->izTQETqQd_u~bJwYjSh54l;~lzAWjV<>zw?XIwjsczL2ue|
zJ&rD1&qqEP1k>&Ei`|zEHtc#(j$ua3?|&L?;h6g~Z|R{6)e@g9Mqz!n+F)^LQRV42
zH%p6$Ks@(A9i(kpJnHnfF0)Nw^S;m6E1=vaYr0-`a%j%?aVM_9wd>`ygTKxB9P~Kw
zHn-E`bq4#pu*tWfrB-o}+AOJb+bEfU?8=1!Iz5F!@vzk5#0EQIPIs@^?V(|6WBqnf
z%O(>;!G(U~=10x3Tu+)rP@jaK?s!BJVC{FP7nO--ZUt(ueq!gL9YG4P2?&ZqN)!Pdp5<8rf{@>uG&FQ>{NjPLvVQ)XDiQ79(WhUfJJ
zn!w`~Z)RAS+~~JT^pb*poTW2-{LF#7a{T2M?7F899J1=tiqEazIiolu8Ba-*b8Z?E
zgVQosZr4MGiHNon>lu$oh~&SkvZ9K@L5!I!?C+1bNX|S7_{!xwAMT>mO*x!l=W{s+
zHND><>d_S#R(qOnaB8x%@E)O$Y8b`du-F?d&uvxrG|&3*egkY(Q?2>iSES`0rd{hD
z4og}0F7N8Y)SZpi6+r5KrPGFh)zw+Sw})Km$xgz+QUxOxKwFg7J;xRay8e-o
zxCW0=vGdg;d!&!%pLPeK5TZOz5JoTt~eyBIkd
z$(^q>98N&&j|_KX!l0_u?B!ENH!z_O1k`4x^*9Cr?y14w%ec2+g=(0
z+?Dx4E|gDctr+uFo^K;+f=o`fYSvx1&nnN-BDXW6I%zVs3-d@(y|o<&`AMwmq`yp
z(f;a_o<1tR>OEbqAJ&pBzS^H^C9M$7e;SPT=lZM(aI`ga43tPpzbNX)R+vwJ_jsgJ
zwCVCxxcK%^au!Wi+_KL+GH
z(N<5&$t7A;8(iO=6sD@GBZP=ffEFl2ib8A;-sfh4M;04QFzheuIGY_2LxZ4V92q@Gmy
zjR%coT0m1%CC!|$$;D)wbBomePfIWRu)5hx7ocXb<5B^ymZoM_4THFDOADoYUUC%j
z5q0qH;NYO`n~N&_>uGy0^2@Dr*wbM$*Ou)!vRE-ZoeSOg_#Ay-ole^1k08GhFzFUD
zNt^4nzoCT1g_&MiP<&!+iQYh8ImKT%%AwjyId29^i}Qr2zJ^8TeSFYksQdsK@bl7w
zh5^&l``g>OD%)C#y``O_e`@!pUaSMtQST2mm_)4Ct43L(269b#xlLhE@kfR#&`n@z
zVW!OXaxj^%x}!r}KKCYC@eP{;t!57qI%0qBR|S~GKfDd)#l@5AXY1;Kn|v~)w!gQJ
zg;1+h&U)-9<)t)HpPX18)c_Thl|)9T7bLiZ$7kk9%0BP)ogN079K`BbN)S!T{<2b#
za8V-EQELoLc1}^4vMt=FHKjQsdel~JBXdQKoKNp#HW#g!pOe;oC+_SOF;-rK^o=%|
zV>K~N?X|%3*uStDh`vp?(f0$aufcE)(I~UT6>%Rky#k1~SF+0JF@0
zD6UGAEkXdluDw9;
zdc7_3!&R}Pc<1n{9CvU{BB%TuXu`Psi6J0`c4PH{mPqg
z8(1hL#Ark8cIOcEdJeY%hX3qWoyV$gUVqq$NAt$2uMe%fs9>2(ZrMo}Lc7D1#nbtBs{a%++mV#e>`aM*x)?YUSFoUFX5Q
zw2)X+E2v6(3!mdXz$ffpi|ru|jTQyUE9lAo!JmtKrq
zx37=TPw6IO{FJ{xFR$zwUent<*ase??V0Z+BrF}%u)umTd4_`fuPd3wWb}4n${a;r
z`r9d451-67Jh7v-CPew2<9c2hz(K~8CKdT;oN;Zb!6EAt08}Lnk9-9rRlqs3tEmcf
z#sfcz$vS2AZn9=a!}YnhDeYN{-CynN)7gIs^)h#UB}9VLy<*Y@e9#7Dc^+1c}%Ws=F{YFlni
zr)YO~_c&Xb1EvjF;s|ZBf?XvYukedr*R?4e0QNoG6Q*-nROX&ratDrF?dl*uhc@|ozv>pi3Kf{WuYb)UcTs%i|H7q0hhD0Ai{!Yw?=4lNkNQp=*J~%`K_U$~O8YPUW~qP|0E9WV;ve3Nf`4jW^qXr`(f-Y_``9-5P^mXCjG
z72AB=G^sShNnh{>A-n3qjY&-QdCBzVhSm)0v;R745n0_ZI1WZ7gt{z;OS`pw^3wCu
zqpc)=+|Q*L+zMU;NY0^VT!!(*mv?>l!Hr{m!*5^ald=RshWiANO6^y
zxqDGNs%Huez=7wRN0+wt&x}&q+Vf1oFhbou
z3#epul%>dje-?HwE$$c@qm&i;>vO%y?^s0aT;JS*s-*2@-n)F-R@tDvkU4~CT^@aX
z1Gnm4;7cmLyHDOYGOd|9P3b09JMq8E4Z1h7NJ^z%Z!IZUP@))3#47Y%JnnklW@Zrw426qf9US^`cdJ
zYZDmXj8bqVF&3Bprx{dJj9vFYnJVdVS5THq&8Zw2(NFe7S@ECU|IQ~r9J_q+;>8O;
zfBMBW0|m#R>M+Gm-v3tIKC`fmc^g~jC8tJ6Qyt#o-(OQVkKC|cf0={2mTqD79i0{K
z_x}2ol3Q+J*Te*+sU_Ly%uBDKW^?i6!6QeGydjrb(#kR$)F6!yo)^7m=Uvecsy*4`
zCB6TaqG51OM{9eU>A8Qs@$C->P?I}x8Yr*4i6)7(II_Bo)hK7bN0kH+0n-kTvka~X{lA08;dP*Y
zPSJ23#s1>|cL)S)h?}c7*kNp*gQ=y4rEOjVF;7!oJuoP%Wn{f5gr4kZORY;^t0xRj
zkSAFKb9R+XX{c?FGd=pRyRKRFSSr$y$k>MDd;ik(%1N*2Y|4#v&^NHKu+Z1n_l(Le
zYpU-^);s*4AFl~WDClVF=;-Jfnd^o%boNrvl0j=uH9N`dzi{d7H7PA^kN{xdn^n+I
zSR864viGWO5gALK0z<`;Fl!J5Z@$)s7&}R|JG}NeG|;|CV>O3qy6RljOdc5+OM9S7
z#y2$L^X)F3HIK+`0!=?Y-bZc^lihRD&=nbRZ&|%rU(7LE-)#m!Rnp;-poX+#Oy>;Z
zkxh~_j4m1KYT6g{F;()cu48&ZFEYag#`Ra;5wQv@X=1)&hRMVXwfBvjL!$DE3&QPB
zopmVeB7g@zHQ7>^=qmooDXU~0P|0{pHJP7f9Gj;GN5*IR+sZ@TjKrh_wKdeW<@t_Y
zl2o)_S4l2i+xTq!6tLd0{#X#yv5Cv-L5!I?5U2Smx3+a`Zd=cWK^hnsY%|DhDmhN7
ztPV9i@K3RT(k>j+42aFe@uGiM^RL{CR9vxNHgDBZ(<{gGElRz*V>l&^1Wp&!wNA#4soHViTuJBL9LTE|-q=>@YjgM3*{{xtYUpY+4Nc!AG9n|hBirue3G=w(4q)xFGfYiWgul5taBq7ItO4HWKt9%MP
zktuAjj=IX#pLrDo6@xIy2FZs}$*5-RBl(hM+@BjHHrL=u)v->F5?smwHaCQQ;rI&k6ekXSWVBl>)pN!3bLW=Kjlq3i_!Vz8}(@eYKhXya#n%^+c3i?YuJT
z>+}7t^Lhqo2&y~kyB85Ah`-U7^p`wk>gX5W()lnd3EacM0{1{04Q>_hc$I@-$eC2n
zvOJW>^Cj)M-!}>_MZFIy8Q&eFEph%!ZdohGv}#P2<%O3o==m2uaM2L;C6y1|l2P$X
z?B0BCKo);VCEMH5w)v8o?&>B=A~t1IFcNgVa#dZ)A-rWAI5N|?5cQMSq~%>X`;rf-
zlE9ag5j6Fx9s$A0p<+*IE^Rdv|As9p`9NRNQ{YDv&$zU@at^*EyGo9?MtG>Hb6s{S
zpp8=oEBzG2^tCJ=UM0~Dt*Ak2-PpIyAb-`D>@JNpzxcjEY<1Q82EhAO68Ms4x5Y$m
znTB*eU~_VBhP}SPq02WVG?Q_^>PrSnpE0)g0ezEQC4n#5mS}U~uNU-!D{Gj$0Jp(G
zC6k(4fPJ3(_c{H5E$h_dy$Q}@QUaF@0^5esH9&-+W)8k&ikmhVzSxxZ08L<}r;#VS
zeV#dA65Rh-Uzz94Jzwtr^1PgD5(Zh5niwx~zj0{azxI94&2lInMkS*=kaoyZ7WUPHZLjr?ykFbxrt>M@JdW{H#q%)MrczHa4iSQLgO`09z1a9gkgSq!yvgl
zEXU}akf88cvy!xWGL=dN{sJZ(XZ()+B;l(3-
z{724OCD*dA$OAxsYff@B;{W=%PFhx3Gq|a~KEnO;lIrjM7oC^vsmm)4GCaLk!7IN7
zH!@1;??WF&xr?ZQg`;U&1$a4YefauWQD^6bS`d%Jb>oSH8%wC5eL({`^X=#3mQ(gA
zL-Tg`4Gav`|B^~}4pzpQ+?GClRUr)9+>Z1vD@m<;f?hyVh9)oxny1uM)r}LnJ6jvO
zBa~17aQdQxJ323^_vtPXbzlFS&Zfe|t@Dx(rII#Re&#+Stl(RX?P%%FwNXB&qGps(
zGlgSUN$~WB`XY_K`&dlX-76c{-BebWXmagqd54&)4r*s}nx)L%owscZfQ>b#csSiV
z`ueNK(0R!%Dp?s|qpxyU+_4zb(q87OdVyD1>=As)Z0yK}L00&yZ8Jz<7{JCPU)!hS
zo1fb>Kqhx|DdPCSUCBCE+SCa!w<=8vQA(h=5OC{S>k{MMTtjKfi)HMNzBJ@JI
z-hMK9aAc5#1}lQ~Y)y5gL+gP%Z+`T$nwm#YHHkFXKj
zAD_r_<2fKMplzCj?QE(jb-Z-slY`uUtV)6w0*}7I?&9$)qT=?M7~~r}WL31-lAE8O
z|D16ykVx=udnjMB9X!mz!6-T26W_i5`Wv79^!>Iq?(P(A-Y-9UclXY>c75@~DGBR>
z{$AiKfw6gCQL&fe;r|}diEMA|n*hO5ALV1OA4h{z9XW;e0?3LZvYvjDSHVAh
z!vOijKBP*5cX&s-o2k%e{}Kw$swbj@)(yZV#)jIPaxKJO+x6+2$V%z~UfKKCxXF2@
zcaMJa;hTGQ?Ro#J?{4U(_jV9z)cUw^JwEhN?0V&rm}NrQ5S2FAJD6`KeB|r*Uq_ZT
z-~Q<9oigzSjeQ%JL++^B&rI~>CvUuoX5D?=(LN*bmsAonG(6Igl3*_I!yCKbVlHCx
zD7u8z4>B!bf|_NjcH_`1ukG5q_uXA$0;k?Pr7G(V2H>C?q%f&-hrU6Y{=h*l9ZmjM
zj_P`*KfFp>bKeyD@dy{!k)1nt?t1;zbE+Z16{90G(pHt605(Q0wqvbv?|$#y4=-wl
zwbb<>o1bXdiVj!ak3Rb7jW^!>_VR_x5(#f~;jtHMQ
zd{$Y{=HXQ`rzDqyL4q0*>$5|z|LxOvckaBXrvrqH)Y+Gzf8)Eaf#tuw^W(3N-ZjZ1
z_Y6?k7WB5OBzPc0O_BbZeBb<+)nsp9)KanZt8o)XgKz%t#APYZv>|ZU?XK`uQ7?q0O;!6SsFax*$
z{0bYJ%9HZz+wi23X;8w(e#yAl_;luHJg8?5h9Ui3b=gTdP2EGtuE1?UN*|%A2-$)a
z6B8SgS5%AHn9f51^#_Jnlvz~U(oGx&Wun{DSV2&ujs22+qeDXkOld-HTlc`g*ua*}
zm27P6IE#%zwsAFJ2PvZy=#I0J_?%W;|F+=37`d;rsWPLIxqA^Q3Y+caFZ=mzg{zTiDo-2A)-7Mo}jT+yyc#*HKe|J_=+%
zS_`rt4I~Ef=zcU1A0MBPP})T#1GC;_W4|OTZ+=4uwwH))DN8MDCxC`QrddeX*3BUM
ze#!XM(i&t(BnoK6nvxu(khu7SlFIzFe00Ag(hB&7yewpEVQgY(a+nqG|L$0Z6*mkI
zl5n7`!nVFK^g{jJZ57D{;Fi(36aZ)=bY4>Vriy(GVmyGNIt;ok3EeN*(B6w!5mQsZ
z{i6FN!NZA7$!o!nphW@8p<>FDlaoRAq@*A}8{NyV3VK!JuvAiaYh6V?>&r33NIM(L
zGUH-F3uKn%=M^+IHUU2!-7nePhDFT=D9g5BZAK{w5&#?x61W{bWpOD9F^RcV+xAO>
z3a92gz~n$D>Z+`&FKfUJu1{eD6ItIc2}sDPtZ8T^wUnU2$b_td>P~c%0I4A-KRrG!
zEq~j7Nz{7lG2{(%1(x56MXVR(LTwD)FNu_xkQ!UoLmFg_zR`ZYVUXK`Xx@$eya@@3
zATMHaZ2Khv@!1unZOH9U_EhI&q=1-=jLf2{W>AghE+Tkc0e@j*za)|&EjO*cZ;UoE
zNouVt$pR5^iHX^bjiu?u^|f8yTP*sw^2jO)dBRZIildx#B<^|D(|Vt1(>^ayIt%jc
zE`9x(vSVsJh84#d&^gl`E(@qjx<+DIQNIylbx4pF-zT3NM7I;3_9rlq=MJcne-yww
zpkOL8b3?7Ij4h;%GCFA!5BrNjo_lDtQ9^rRQbr=;6ZqO1sb2j0u$*6XZ8w>ffHO}-
zCC7&Te|vZS)a0GV0ldHLOvhDg*G|h$XLju#wsd#d-C;cjtAa|1vUR52tYA9D<0ELqJ3pg5`*u0_6%GDB%hUxyVVLJP?xSneiXk=LvK=Fr93Jx?Q{P
z*L;7-H+i0Co_S{Sp6_#fKac70Xs5K%H7>c77=7&UzTKxA2KB^>+h+hs$?p&ISD&mE
z_y_-XTM#e%#tgmkg5(byLFjwSLcQPH%1&tU^74J>_bE5DmgS41{~2@Wx{AY2h~uv|
zuDCPj5!1}jwQP>pJ3n9A2mgQ%3Oig?WdK$|N`7CMP;`*yS-n=LH(ALQ*PVXwD9UNK
z8MU(-wTn)xwb-20cRmKpp<5t~rn#poBS<;yq*brhF7Lzatbv$!Z5m(|q$B`@23K}rGuxPz1g0C2~Hl%yzwN--c!E$NnbS4#3Tg~H5>WsRexy05Y{
zKTRkUp2?Mz4H)MZTu*0^Gc!Z=g+gHxTjZ#uO7?Juw%N&tE$6Sc-)gF_Eze_qN)ca|
z8%O0WvWhHbAyIN_LCfTX-ZkxM(PCHMuF6Vhw<{E8r+psnmv*P4m$R%u32ZEcZQ
zT$G)iUf$T)HO;QU(#XGRyH!{}Y@}Dt0s{b8D^JFf)c6Bw7H_>z)ECJS;Sopn_y%zf
z1SeKY&Yk4{?E~%}-@SVS|8%0|j-H&S%{sZXM#Mk7mwPaX%k>LAmU68|Jxv&@6SnN+
zg+(8Yi3#7go4aG{fmlgedeRp$A>94DIop5zo6ypVKDCu5tg4>A-0&m*!JGgtcfVio
z`|p38+SB{kW?dX=&WH_vbK8e8{6mLNM*hVwEFn&Cb9w%_r9JJuDE3gwZ8a0KOJ4y1
zJRQ$c@?L#%$jcix`=60?j~kUu&Eh|AT>tvcl&;Q6f>t)m(ms8C^YNl_y~@#FpB&5g
z<%xS#ibpC{Q(8_z9=}RX7_KF3dDGh`>cr(fwNYWN`@6T-=HEr+UFvr69pevgoe5v}#<7y|K@Clt@7}#83Vdx>V&l|93zL$Op}*Y0DN;T%+3Deuoa}V}
zqz>2fzzh9_;koH?xr5953jpx+JWa_9QLpSvtbN43uE;TRw=Uz8P5vU;jKV_Ej*)xP
ztgubobDiq($%axvu+NXyZG7zww%XU`jj!xHav-PCHI@vB6W?r}wmY3VLQ`>aOF(=^
zQ>(^FJ9Rc~rQofDiP^WhCgt+-RR0Y;$$iZy17xC0@K^nV`KHjC!@JOykx1gnk^!bE%TnIkaJ+0(yHw4*0pJ;WJ}Iegzy8nYk9;FV14iRFQ*CFz
zYf4TJ->XeM{Nr6IvPUCxG)<}|T1(@1`kn2V8kt*_k~FE5b(9MHctu$}PQu0N$_E7V
zonukamRHfULKgslHF`cNX`L9jDm)bwxF_mTY308>9!u&q(?ezF1O5>9`IVev
zsk9>hQu67)23>4^Y%WF@iQAw^5o_GzV}^>X~%A^ANzB|BtOD%vFRTaV;-YuT=8NM0Ei=;igZ
zrNUGJksn@av6;RUZwtx1+||ccIyI7(FVnV%WES1-UG6rdZ4b>X>}0#7%632ZsPDVp
z?8-hnI0?m5w3&^?;f{i{LQeb@C2jip`lDgAqbBm@UqwqQ`j-l6ne1d!#;#A!U1;rL
z^A`YM?L0_HilXM{=M8$p!h+rPE(gcr0%6t~2)on47MxnyrR;XntXHeQE=*-I5c8Ci
zoYNVs1hYP~ypy7suJPNul!IEdnsiz%yRufNx7ZwP-CCNqFA#GUy_s0ti(1Do
zz0>u0=_yGkP0i2EGMk!TdUg{4V9h)kOa5@23K}rGuxPz1g0B{E>2>{>@QW5~boo`Z-`2+v}
qt2}w~WH}|#(9qD(zP-Kl(!T*Qz*-w@e>>g)0000C&1fe-=&2p%A~yL%GcgS$)P1lNWH0>RyBB)AjYA-Fg0(zv@f(o83L
zXYT#h+&{DC`|+K%dUc(1x~g_PRke5RXYUUAtSE*4is%&r0s^{>w73ca0umPj0^-g~
zMEH}jkpx`$*E44osZR*y;CFlQo9BR!3Lg;=Dx=UIj9_M*s|=^U0axuguEg_aC=C9g*@)Q`
z-Y2a$E8ZwoU%!8UgWZ3(GDJfDPE4G^D8n$*x7XkCPM^+?w
z_wY;d*?YjhQqIe0&cCIv%Fp`=|CWB!A#T3@TQYk4%nA8#i7ga?|6g4KiLan%f1ia@
zd;tF~AV^~UKg|Vq45nx?+1qSzbEL>4BVi&3MEWZh(ECf~tba4$<>A2={#W_yM@}t%
zoRGBTZ%!ou8~oWh)(al5GhI(ePiF-Vv+Gy)!U
zadUHXbaYJGSX*1$+QNPF<_$JBHXa@x78WTkE-nsEgg7%jJvkp=@PDeZQAOu1;b-qj
z2h5m#6;>^@J}tTX;FP#^e5|3a-jg)RB9-<1bMPlEL#2#7uh&;8IG6c&|Z*m9dzxgXr&WoC7v<6pQKw=?|FOU0^qsWE(aVRm>hfJ96
zH$g$jTq#OBd&mjYvvpryP_%qQ6o^O##jl>6NXg$II_IHiYrmJIz^Q3z^lxQ>K%l<99Y!oCCMH9I?2c;#KAUDEF3C%}A=_2A
z;5=~~era$lHjWPv7`$ij;O-P8L(qsjgY|C~dnruiz;CEaW@T4h;jXYn}~gJ;f#tp_9$P*EKX3^K%(S-twTUpN)8
z#NT+W-FL8^s+8($(zamE*Rkmv1OH4|d)oE@JEjPD4
zD+#uVk*Lm1^BF9|rXP7w%=o-CH&ZE^wKObBDIzknyquma!OAAQcU?*{c>F2el(iW|
zGbal}Wb9`x(^~8FtIcX%C`|hM7d+=3#4flM#{jKw#
zW&ITkY0-8WGkY)C2{KJUeIP@jT5kUG(x1-j%`qi_MY&El%y%X6aWUdnRa-m7*SD=L
z@U5S<)Jw7No38^^aSa)By;|iurp*Qs?`?+;^OGl<=H@H`0DuWz>+TFLb|IoWk-Vui
zb8t4P>{ML&N@%0YXh9To&85C4)n&Ay9b@?@A&~+_!TsvJI{o&vGuB_kmN3oe|1AhC
z@(a-f&Xf1<^&sLKmC{y9{iZIcrcvt2mnLrRF;BZ14~Ds7h);3b05kGY|=`
zqR>!L!6PFdeG?NBViHnfQc^NvViGelQe$JO{CreDsi+`ce<bwqko>Jh3}DvU+|3@9DF)Bc%GZv-Ow;MH)LZM6*=j!6}{-(INSXMgt=JfQ7i;KA3
z#Kc6hJWVkLQPJDENRB!Bzb5E6+ZQtaiyO>em6eT-8S?I{@#Mf|8Pg
zqBACioVmKXx)v@LaB=PWXz}ffMeo0$#uCOio91G{`E-+ZZ`j;~59=(PKI_Wl1sVDkvPN
zNPEZ-D|7Qv`Dn;hChZ{y2pYfG5@J`r>o?Xkr`8|mx?*Cuk5u7)}1UhK<4`U`{!=I)?JI>5RdL+V~po3b$4PY
zT73^RHBrP(r;S79?@W#N-Z_ylpEio4eBRE%{&=`_f=-zes(Xr!RZ(=ku)e$_R3WuB
zYbF5^Jc-u}n8B_1JAEJW2(`dV7)lucFG}_ViMLnJ=etjbQq&j{z7$=#m2hiV9#@6-
zTP7M&V{7c!9yNKpU}^z=>T))qe-
z$1SzgojFTt^}i>Ev_y}ZS8mdeE6YA8a*_GCB1hFE^vbqYoj*n-wQvqfn4~0kl%Fp>
z4Lti1EflIo_2y;jrVT}mbdO1m|2rW{frt(pJDgX6Er~QW9F~oi=F$=4W^#M3g2U3z*bNEuqL1#l|-42FNmfHiXJXrdq2vvhF%F;gRQ@bwN|8Q~Zy0up
zN$gC{TKjm@_
zUu7T+CD`uCNxpn~RC;W?$q`K$fd)D)=Wi`T_ige;BI7h^asa4qTkA(cT10rcw&4A}
z;6hW{-ti^Vknzjl6m(L1edoa~YCmE@iKJigH>e?mMfDhI_J%g8RI6^?1_lDaaiuU#
zl1BK6cgt_%x7XE?7e2@oZ4%p_ME`7I)aE8d|K;F7X{pM)tzr9IP1^Z%!_yt)uEklB
zN5o@;Hj@UxypQS*B1;bQ?9S%3pD5I3e{GS4v<-&W%*9;?p5IBF9XJ@S9p|@pTAfnx
z^LvVp9%Bkch-*Z7E@MEO7HiL=u#^2m&VsRkie`Irl!!+n#r3Ga{`|4jO;N30*1FiX
zMBcfE!?3{Arwh{8H+z#k?wRI|zvLfgI|K9Kz!RL0#7=Tj^@g3GX)MG8X3?OHq#tLa
zN_27SPXGB4t7pbW{0EL7f73goojhnr>KZy}=#DZp74x4R1bS?UHDfw}ppCvB;;4?V
z9*};Q*~qrlY)S#|PqBl}aT84>V*@%;mWi1;1foIOCCqxYMo*|w9FYxT-C*}I4MDf_
z7H3pdD2Q`Qbxei$d?GzOslB#e=$rab!hpx+`ul^fYCrauIY~S_cPYnHw+5y;Ho^sE
zVv?v;Yy~l`uoh8=xv5OmoMhh>w7ibXNn%#sG~YzJ{k0Vf&w+
zTa7RtH(D1=i7%f1Sj}(#xR3~6jR9~xE`C|SaZp~4cd;J0t$^JgWu}}98Wxsml~`cK
zXBQ0d{%Di2(F^LV-!a=h?e*ay(?ymFVSt*Kz~hotxER
z;B=nGjG3uSP+meF^$M5vX@X`KiAH6E<_snaTIF43oeBrJ+gk_Ote;*!@1^zkrrVQvmKu?oIH^NfH-GU9=ny^o`zWz~}QdEqKQ
z67H9d3CRS3<~Jb-P0}K8zaM^);s?oq3&ZgS(*xpGG-jQ?411l5rN|mF^a4;Hu36G+
zy%z(cO|aa!^W;I+^^V&_SIa2+#S#=)ZfH@|er0-1C*npq@>J0?%Ys!#Pvdc<^dyg@
zGxDa1J9nTt4%lO>z02XImz!H^SBg2=iDQv%UfBJLbAB|Z3`%ASF_FEH(g=rWnO8rr
zJkGS&?p`7A4qSnjq(}erLfk2@xc{QP2JjGzHZU^1#MO>NJnP&3r3@#qN0Tl~tve@4
zPkFK4cP4xpPfE!8xsc>QLLUAlZz-G0*hOJrtHqz;ohGx(J4xcWoim1!U>@t0@-!cu
zeqo$@zH)JJMerXRRAyl8}0-Ki|F#@YD<
z&cCW3uCoyMZE$MvB((T?0V+fbAr$;IRdfAphp5l8F=P~)svTUU-Lx6&{A6ZgNql!w
zsol;H+@N18-F*q&45r`2s8naS9-gI;gG^-^H*XSpwhkv^M|6g2;D0&%v%@UaJS-&L2p)^%>KJf0)wuL?uXV2kd5tyU@E;LW~Mx%SF)ss;7
zYY~)i=+`Gb{7)KpexciLaC
z@weY=asYOS_+>-amQzV_@faF~tI-!OUS7(a9*EcnbMm%7P5<`8BnQ~?5QhwHD43g5
z-=U_Zpu8B+_Vnb3ks=n$*x8k7J+O^Fpum4hitq_MhTPE9lnT|F92@(}!}%V7IaqjS
zKel%n8v5!|8GAB^w5HfHaNHVa()7)34}5$c-7Z6fcN@tUS^+$qzaj_`bM~7%EUIG;
zvZ7*>Nw2chB^bjs(vnF7ezRi0g`q^=eBFQvZx-n<0e7196+|B`-F>8ooc^)r=j2}L
z3`U5StQux0xNaswh3It6_K%IjeAS=gPs7qRdDvIsmll38y#ujp
zOYSJ%z?lx98149E1KX^y@Ts4t59smBD$l`-uKw}tFFoY(`2+YZn{HwG589_TU!bh;Q)}e(S+d>=@_+R`_}i&>{mXgw
z5sU8L2Ep!uZeuSV9%t}=WzYM~;iJ<{&wO5NRqZN8H%HI@wMNKM%_X?Rl2+$+@MoH^
zDh=J->c?zTLgh=3v03+kUR&ua_GYZ5NAut942rOfvlMiX0l&_#PC+va1AW7{TxYJ+
zylfnmuNW9g?I`wt$g489(oKQ8d+~?r^MyDkmb+P6f<=-EAyQz=Ep(Yki{7B~tJ)@8
z{B&AB#vd=6Lsap1OgB~qN;47vp#7WD!iZli?ZeZ>#Z$@!j8}9dS=0f%;!}x5=7LRNZopzIBzxq+kA8xis6-(Co&9GB^xMfv2&(Br1
zaAEA8weg9HOtdL#G#i|uaa+z5+rtt>^Yfj>BVkgUeW9w=Lj;zRkK?oMIoah?#*puX
z$QnOmxIIu|>f>XJo;`VQS)obR>jDRAKwYrle9!c=K24vqJwP0d5~(NYW-R!MT>3WsrcLF+-*ZSa%G344&>)Xvz2BGfrxf*v&
zfkb77aWj2A4Y
zh{eoLuL&tKk}VGFDnIb6d{FzKtn(rvb@QFe&XP_+sD*Ds?LxfY&aud<%7;7+)gsb@
z?b3zz>2<}AoE)4XTph-bOl9bO!(v5hvM;!=9=<_|YoeOIvyb~9lVk`v{>-1=`c+J$
z!5!zNW%Phxm3K$1x0m*z0Xc7Qh``#u{noKK~}m#
z-ejSg^)AU{*FAp5m+Y5N6Doje{zH?-GDnb({wG&RtI@u}2&b_phe&3^TFqVw`j4{G
zfUwVGMCl#&`0ldj6kuXvritcw*|OX$e*Ffw#WQh&I1gekc8jg>5&P17@wB5`sr#&-
z0PK}qOi4ws)AI6gE$v7ffr><4_CO+y24}!bztx@t%F4^XL6Fm6&o}%B>@q*6zZ*>R
z`M~Tso9=vwFV4u>oOnx!5sTvGrJD6-i*Kjb5R4<$5Xh`k;$?eF;
ztt_H(r@J+>Gs;^XHpsfg6<^>vf0FWaVp8f7m6EP|-F4ZMq{#M?-&sHin$zB%#^Ktw
z(5XGNtu*h+#l{=ebFyikw=$mcIQ;!2e>ko7vx42WgDM`=*np
z0jOF5`Tp?Ha?bcO;pAR7Xr$@KJ4!x|6t!@dQOJko?!!_bxy~E6t#6T@($Di$+w^9|
z;(Q_HC;RGC6mL{gFIa5kZ_V)y!W0aqle6rdXt~2^;~cHE*zt(DH42Lq?vE}+0mDLO
zx|Fs!Ket#Ql`9Xjcv3WLL#cX-!^_z@2LzHiRnABCesxp3Zng}L@v0bt!^-Z{q7J?f
z%S^R_VdJ2-N8hby==Yzp>+msI0JlawO-6f&Jo#aoefBlwVkc;I%^KIqlXU`
z#7i#DlXU19y{oJalQaZE>wzQ2DCfo_sq$nc&gb!)b~(T5gbAg=mS-{bm)mWk=0jKU
zo97vX%R8+L_4dn6lz^rcEpaQC_@RVp?7&1R{psl>TBfIj(jH%G
zVvflc@KK7WA&iHN9qw95mdx)+(V+aXtgBcT2u{8B#T8+KmB8^jU{HA_x}}(9z2Ca#
zP@>(mkk3_>{s#f-nTxS@!P%pUrJ{<8W;yr!^*kFe9S!
zySoC`Md)T_a%qbtqiJ=zj$rNO6(-5d?ATN-=7n5nunW8XFEugEn>TL$HKs-`ZpsRv
z=|OH{x1;%+-#~ABdK7X1_y?_Dv%G@yB9^JCsho3I@Po!Pw^#y3?z5m32&;m2PKn>k
zX`_TXJS^%m|5JNn%7K(Z1r1Yg%lz^-#}D~F$HDS8wPE-XWt`*w{j~KYsa!X(ICS)Q
zz9^eCHwS)ukA5xpw7bxVlDAGXv({>Aywv)iy=_LRpITn2<$T=+v@1DZ@1XG#5|i~!
zHtrpPB3+N;P!c)UDRupxqDuMb2c|tX!ZM4GW+2YpE8}O^!Vfr82lqJQLdl>3R@E=_
zyb4NEPd-c$GBT&*i_Vri&&rVQ?(SV8ZC8L}qGQ{g`o?fkQ4%3#C6t)t+sti!;{jmw3RHw;zi=*4B2wyj0QPc4{`#J-z_wn
zqFtAaCsaI4gxx
zkfK29QU{NTVfMzKAdS>LD`(Fg#gXN^AD9OR4lADh4|NK9Iu%jjU55)%FaOZUr@@5b
zAm({4zk-a2l8YnVB=^Fi6CTl{fVz*C&gRX2>nKCDNAF^Z`AR1iK#aPyK6$PStZ(d$
zlDAxCc-)#Wm`
zF?1ICMNhC0sZxFY915|r*A|LPC!cjR$tyaIl=(fAZWQj<;_wZrA>Up55Iqq
zDT=;Z%~bg&Eb?`{d)28Y7Pj>|P5#gmJWt&!f!w=8dESpkR0A>(3e*!kU(3FD7Kn@c
zf+fk_L0{PY1AopLwA7_QA+t=_(v$zI3wS=#u6;z`MWptZzklB3T&J~aRei?g)pB8O
zya1^WVEb%H)~WZLC$nDB;YPh)=#X;qwzyAfCf2ZqTYrIeZZe*M{2
zX-d~%Lp5NrC{AlgAY<1<*M02(hgLE9
zcE*O)r`l5K$tm%`&d+k|K@`9ISGdwBbGf|{!!-|mLng>o`Pk0e=&X|-&Anl2Di3qL
zb$v6>%RuyWU?r`QyJyO%V2DT3i!^XBe$cpG1!RjjA0#d&r#fI#Vg!CFyP~TYQu>N?
z1>>kfSiN55>FB7118;L;zX>n*RD4pNz^*0pBdnm2s4t-KiZI|{@q+5~M>MA+ZSyaN
z)zfuM(Fe26+<{;S-lHYnz;7`Bff6{EL;J_Xbn1x$>C-4iNw8LEmUF+;j5KRlqu1??
zrl^PeL~hZO;{6T;Nf0@avq)`X5a4N`$78ynn_I%2)5&5FeVjf!8LUnbGPH>kBi&!3
z1p;{sr;3BassWj9yA$v6B2+!pcQSUtZv~GtTU*r2g`LY$R@f~Y
z*)Fw%xY>5ExC1LQR{9G3&dvlGM|^y?{2J)s5mQr6StM}UK^gQk%iVJwdf%@34v(6X
z?e-SYwZvm*XrW+4iKIdGx5|nie>CXGkiF~F&B{td?)Oyr$O2Jeqs3*B77$))e@p(
z;i>a|1eS9@Q&BTgQSRiM)y8+T*!!lQjIqL;o(zd<*D;gR?DSIT
zS$O(4#FR8!E|49jF^H&0R5GX4$2qg{EE+**>B70klMz>S^3-j2c=p4(K$|#|x&ez7
z_vyfQ52((Kb0%jG^W
zp?WkmE0yo#B&mhtEkylFwCO)15eB
z;FOfgxQz)m`5wnlvL_@&26$Fzaa#qh2wcn%9BEf=#pku6T@U45q6v-}k0>zu=`;>C
zwi#uw`)fz$gDb5;j%mA{Y1#kzDMUYzeT>)j(YGqxj@
zNH{IVXU%~EdyaJz$Jq?TY10$(dz3tUecJ^$v-?LPPRl5wN`^4pY27+W;G?x?ZQGg*
zuy1qt{P1Oo7z)5e|4sC&*Q8nIT_%4@HHjKhP?wViwlR`#xi(a7v3@F=wh84
ze%>;i%ct=&04-}AU8Sa;`y{ZuWD{*QcszO0jJa=uHdF6ZgC@Ou6*JAv_3cjvRrqV9
zA#I!=aho$h^EQs|GOkTt{Am2k2BnU3KTYDff@$|7da($k3hPp>DD^8(hZp=(hlil_
zoOpZFulk!x0~M%TlUhGnSmy(ltHs)M0`|jLThQiuUq|@15nB!|1Ji<_VNdDpJBgY)
z{MY)?er7hv7cmlj+ft2sdUjt}^`;;-od=N0or>o!4ts19q+y?bZ4J;%)K
z5c$0o!frECNB8ia{fnDql6m*dAj-RQMu;p@bKZ+eFulE-h4-na>+-4p@CT=$Ws)wi
z{0gCIRLZyY74jQk1zQsf4O_>_&A0cDo$GNr-3-@2Ms%o?9q=C3zxf~L3r@axmwvSy
z9wShPL_FKF<>JT!MWCr7C6xb#sQP-3@L#OctA4^SWFNq!@bEL7r(6B_
zj34P3seir;;ctvyi0(Uxn}=rx&J8N`o4yX{fcNs|gA?Ii;nxuYsE5#o4$tG`%z)uXf%4aD*OQ
zZ=7cGiB6$DMVGLsJLLGi!$YbS5%?Pf1eo_re#*M8zh#8q!T%>F5d8nh_WPgm5&oy<
z2$1>X2F)HY9MQuvl}AI$Z7~>aK8cRosQC{nGb4mEcbl+hjwZ>j4gEgv0T67qjC!G2S28gDWEOfB2e=h~5Ma?}d+!^#OBm$kBz`oHD17OV07lB>e=
zYF`V_&gy;X9~Gi{3s+NAis=?V%WN1p^9G@9dvZ!c|UY^d0I0*
z4x!w>q^3>*du-f92o%@}`ye6#g_l7rM;SLi?u61gS@!x@7UpXRS_f3?(%G)c
zXe<_9P||jLE*?}kIHQ7%-~4x>=m083rHy5#QSRd%U$NUMEI8Z6sA8@$)FQ2wiKnn@
z{j!`ra;Hj-Y+4mcrjibH8_esu&w@8%(@D}5JlCkXUkhNyRmZDVuOtJvEk5DuhLUvK
zI+TGMn|#k^RW*;AvBcq9IOs1ei@@gpS{b|`&`tOjTzarq-dNLHhw)Q-!Z7RKu$5V}
zpS~K=nuG;c%>1XK
zk+6;%l>5F-+|N4C#YeKH)ef~2%sn%c^l0V!f?$&mniCn%{dd`EL2ONhdc?g*K?}mjH*h73edC)dr6TFI&
z1Zx#t^Va!=_&#G7nQz$f`gD{9^N69`%eC;(GZZ7xj)C~oH!Rd#*PBQdohJRo-s(`ggSZtZnj_n!X@PgC
zjfhw1rATnxI$!qBPeNE{T5&q5ijS4#G>QXeE_Zr`FP_g3|2^h9ngl!HsgFP0Z*5L3
z;7OK5kDR>w?;}Iis1?R8O}}?|K8q6w{1nR>6HaRxUN?DrG5g{k{aviK4}Cu&+jGee
z;NDg~UofmS16O?caTT{gkSz6lu)$GjP%z++T@zA-PhIC=YMTgIrktI5jT_hbF^)92
zinsxyL-jq08|x8e^V=rVwAntf;ixjC)Ol)bGj~lnfKqq1@MNYMBZRd>{0$sM#3(gz
zhL`oy=7599%@SkW&WO;eE~S{C=@P!qaqEVFDDd3x>1Np-@(5w9_;+B`cnut#cSwp`
zXPkE}bt97E`!ZFvV9KcNr!Nyy^lpiyXOs4dEUn$>qRu%o5Gg%BXp?FFwj$)j54w@b
ziO;N4nx9|ibLFL95NpyDZ3#CdLVSOO@U&mL>`@f~T~0e^`fv{YE{}w`wf9-SB!Jal
zv)=ACMj1Z1?38b@`aJOb<+DwD-fS_YcWQ4WJM+e+D%s`zdVz#u9iWqaU5G#K_kjvK
z1RmARIlBp!Sj6Phl%;wUkt&EnL-eAs{7Jjp&TIY{fci#*pB@7D5u3P&R^nST^(F5e5gxmI3aJf`QMhT`?>oz6p|#*U?u&w$I(HcezcwI%^be0I3_o!`ZUh*-9-OOgcSm-O%%H(d&)M{|tKE5cHu=^}GMS4YXhl%)%dH$ki
z`y7%#yyDZD_bZ`?wocRJBQfQJhU`Z>ex>kDrV*d(G*$TuT1}IJWSJP`nCq$#UFT7<
zbZ*y}-jBkw^4X!I=4Jv5nd7Mf&X69nS4u@kN0MllQ*-Uv8=~1uy=N-c8clKR;|dCP;~HHX^{QH-
z>GLMWs=f_jkqgDFeX-`-|
zR+~>mljkQ5*RXRP=9wxkcJ@l1TlaygX={P<@fWX+pWLZBlA2wHI+*JuKy@etk#K}b
zsm0|=oR(kdeM#IBf@yoUy7dYd
ztK$K*EEz%$_HNdTkqX|kqyk$Y?QzMiSGR@aE5v14Dn~qw8goQVHW9#qYI4iZ7OaUm6W-r^vaBZ>yhsN<9IfvGpE$r4VTD`c?J>lz#5JD@r
z`+6X>`+~LotVFpfDX#UV=*k8L1?>jGV@y#6hkPc421^vS8)_CP^Tc+B=cCOV8D9JJ
zEwG{;h|k&qb!s1oV#u=f=IQ5^!^nlO_x0g56yhUzX4Qh$p*q?M9dOw9+U~V~f$MV4
za?N0<+U2RVPI0imPh?hG?_JimRA(S}e+YxnJe;HyK(y`FmA^|OXQyF1rI((KrHOc-
z$5r_9JD=4Ga8Y2n!lx`JoP3ZlyIM6~Z6*6ixvsBvPN1BIsU1~ed!{y#=gS3M%jPQ#
zhL2l?c(otZ3x&rozF8KniR;>qX@xu`g#UgLi5x7*DNBkrh&^;txrtXY`zYaz;&%In
z_!~9$l3gx#QG+V1kG+ECcgK48Oq0G%B6Bjg!y3a#5z)f72KaVzJdh&h?c!Dti6_+(
z>f(H$SI#c8>>Oghd25V&*S*^d5t|zObNutpmDPy5qUWSo@Y&0_gM@APayF)XR@dA=
zaCW)Q1!Q{PP3rG_3N6&{+iAu^U9je`ot3{e>Fg%slCPkG(=^eXFdD$3x}P#gdF?g`+jof+Zw$&=_`SCSHT@P{oo_<-
z7%d)!%oAIP_iu0N$=V-#T&aWCd{{gK!FLV(V&iuM|<3%$?Zk|CL(pA|{Djj`As&$)f~_TXXIjguF;hfSl)
zW&ptQjD-5A@MHHAuu1a3T0X)AUnL3j2zh!u=_B*?+6ic6jBFOCFX!ra<*NtY$&Ege
zsT9&CRwSRV^tHEf*j-zo^ne;uSRxnvTJ8=TXfr(4FVHp1`?v?5UU&S?@J`#=%N4u`
zp=Imy0;XQe?8qm6dSzbK^jYp=dLyR(XPc7Jr0B6m_QM#D9{g~zzen5tv>jG2n%pe=
zq!uN3T{o2{pqG4h7&a>O*ex2ATjKX-j<^$0dw-mAztOxQqRj2uL-+V+aeKI2P*lTH>?i&V$f-imMCNklmdH@A*GR`~_G>I6sp#m2~#z
zOrQu(rFgkH9o6|GU=aDcq|NZ`=Z~6%cbdNM)rwwzGgxmPiB1_%D30=S(pLHvS}w71
z6r8U`t^@MvxkGmF&V(X8aZ^$N^kir`CvRpZXbnAKDLY9SZEw`XY7Vj+-**BRhaB2Y
zFAHo~^}~!`nfb$RK*m*0_A`tXqBm3%6?S;!c_Vt8jJG!!=w{fG#wnv~^BaaA_IX@~
z2=Cu{(uya6gs(Oyl|=8CgPeb2)%x_Duo5j3QLtp{UO?f8!}p@z*F`Bdm+v-+JVW_&
zkX=K{XPzR(e6Kf01zj8f?gvSQRJWZxSF1OtXTw^t=Rc;ID3(|*Y(D?>{
zpN`Y5V*OjU0YV*?^J>;vZ9Vh~JG&E@%h)T6C7fZu1W#mw6~Me&<*3XV)GwUc@yg|2)`?8K5b?
z`^aGKyt_i{clXfePJ^|)Nq0xVY17c`*&}L*gX@IMxzlm_%PHtX7wGexGGr=Ibtr<>
zDw59ZXXZTjJGe*tbnx*r)&5(#XsLl&q!)Ka(TTasWjbY+y
zYc3?@k9TFXkO%Lb89{xD!su#%!8_jNVUeafg~Ept3Y^c`UEtEY+Ys7JpY?%(FvaA1
z%|Rvf-TZ2nvfYPp)C!@C%^~a59e>%k30sO9g88jyo5Za0TCP;3*|C#-F;cm1HR6-%
zIEFq)dpm79_8ua|-cf?^!0xk2k~+s+r2Lnazkc%XobSu9!fU2+x@++z;A}m&3!f=H
zNHuH`fHj`r@6Np#U$x~#@X#~T=(
z5A|-ohw%L}u3RV%&~R71YrSEp;1l{^eBh1#dwU+Yny~I(d8~>MC*VM7AY-C+X7h&B
z)QUSez>Hwi)+~k&W-FEDR~fBKWMN_QR+c7UFZDTRV+N)7=m;JLgDM?1sXkrO+N+>!
zVyRj-yp$igZbt!8cUURMH~ioIWaC1Ico-X
zoJ*=kht&+ra%|G{miZiOY_>YRYc5O1N_ZqTRgn#feI$
zU*Q!hdS8!7?BK|M52(dx(`&h&S)mWpa8M;}3+hcys`mZhzytR*#b-juMyLi~{?dUe
zZN29-;x-66N})WW=#m{51r8BrYmzhkzBl3?#F^uQdh8E04mu^;m$j|^D9Cs`t*8iBB>?%J7?W?Z#YVK>T?7C!
z?<}S}s|WhmP7Nvb{7hvP+{N+tDdipf==j+JN#^^)|!hyI%$A~
zX&U%mN-j=hac@TN`=Z2?(~N7-%&Ny1eqF)ic|gXU<4tY%$`5?=
zrKUu_YR@@1qiJx$;@eFPLcSY#o{vH(Dhf1B66@d2m97>Gry-fELIv
zc3>?dCFrYBUPv`GX*3@<3hzAA^7RN&Q1wT+q4&&vDAq~?-t#ieo9Irh7ZkMZnK|&|
zgr(`yDGJ1Gr!C2=kXGal|JFsRtH^L%l??n&K(}e+PtD*s`v~YeexyY_x%lx;2Fx~e
zK-W~jX?j2^ykT@WQ-ayG(X?}ThGJKJ`nwg!5B)V7B^}_lqJHRG(Il
zw&DDBKJk;!bp$3P*?~}M4NDBQUt8%^dHQIzWd(fV+jrt32&gmHH?
zK#Ub0GK?iP+=G!)9^br80qKP=tCOW2`7r^W_TcZza_&hW^{a7D3b3^e{k9h)a{;dk
zV>HW4LARZZ4qz??nZlOQ95_!*@aR%k&mpFGVpwZcU72Hpt3+cNBk^uu7u?`l`rR3g
zwp?&0Mm@LYhdj;5HMe%{qkF9wmhh(h!aPe!-E3N=&kl^Z<4QkJ#Z9?zS%P`JEj+B2
z>8ML?EI49l{u1K%`(&Zv%i5<}Q4y%;@}BcE%XCs3ejA5=@MS#@O~Vd}uB4d2M8}Rr
z(^8{#WGD;7CA_%Te&-tzZxYp}L=yvzcUO+)Td!mgch|P-JbN^sV?mfAPagU9Hk318
ztM*-7T)t$!y-d&L_V(Ze0e;JAlcAR{kWA@i&*<~lZSGg4KFIm`7D3mQb2ug4?<}l}
zA)fV@sXU6aFhuA~EzSIhAdOJ1SK-Z9vFZ=Rk~KfEh8!Ng-4n7gg=c}*Y7&?0mS8vD
ztgSbLquzQrkCA22jr&R{o{iZ_8e^^dhya3>vIO#iJLP)%%tt-HF7$RH@F&>blwR3aRZr}o8BY4
z-IZMeVWLl#sXT4(^}rVLnb4isvb#PdB0@rVhS1o|N&&!aggv`(R1O_^v@nrV5>#6@
z!qbNMPIdbBK5sH~{y?Brc7zYWic$nNLmIR@-{?gB3@om5iC;e>18
zh6DMJ3=$tHL*R6~9A4pwR*mBQ=~lzBYLK#UYi_rU!}9)C1JP(Yzuf}wN!!)(IB^GR
z5jo2&rhRIa-NJ$jlQhlcOJt#K!l_>r@cSU;hV4I77
z|AUgZRkI}+la!_jYpOB3P$pSCj`BNwj}<>e_^L6}*eM8=%wWoS`YSoxx>L|Qx&`aS
z;t;s+xUZRpX$w6Xx>?C&GX;y(o2(y7@;?rxgk$3ajhAyBM}>v$bxs7YFuVO|03-BC
z3S7Pfw;Dv2xjA|Bd-C4Ubj_8Ak6o8l6SceWY|n{(zO=_Q5ubw|-U6%psjZ%sx;cTZ
zoLLdrm+k47$WLoepce>6&p+xa`I?)A&X>*_X14a8R+T+i(;6zxeuy(~2Wz*g-GkhH
zWR-I!_~?_WB^*WsOo$<-E!J|b!gY=phBk`S{YoUt@3H#}%lo!j=c*oCOv$0vE)$OO
z6I2VY$N5rBGUMcX%{T)vSZiO)(3{E>pKm-|
zGdE`p+1jz7HaPE;e>3G7FXlb8l~qnQ4Xq&&%#OwRvOm`WML8-?xE7=Pwqjy$WqU|p
zJFSVPlAUgcL1Z`8kU@p>(rjRsn}?93rQC;(=w2w5@!*pp)1&QtNVC=LUT=$r!2_I*
z^`Bs{n*Ig<|EF{d$*yS<%C>oO>bFdE974|J$AH@=s()(Es>d-L8QC^kE5INGz_Rh1&y~`v?$Iv
zIuE2)gS@do1b#6G+os7febM&YL0wVOkT%mgo7vJEFOdKLMc7-%Rkdzy!-^7;f`oKQ
zm#_$FrMo*N7afakLFw-9?(UTC?w0QE{HE^xJkQzZobUJYCot!{=RHS{Yg{+Xi?;VU
z+2l)ey1zE0mpy#z_V+gc%&=s_NjD7x*YjFnY0Kq)yQJaiQVW@Rc6uw~)XJmq3^|AA
z7`K*aA(wfTLmmT%bEy=$430@zapk8esr3?@%_>{I(K
zEc?C7`{i_V^;yj&2HU0n#7Zb6dW|}((QF(yksZB4`>|%LpBdYRXpOjyLjltE^B7r^
z_N%c=88LhWxtW>r0ZNeB&7ybr6}E0Vqpg~r5cvcspFyKA5Gozd)tV1ODxcxi#ye?O
zF7?8hx%|fg?57#Qx@89u+o$9DSnWIOp#b^xELhC+<%%2meOo%`MfrQ)NYF(xxKpE2
z?SA(w!OF!h#{nu_zlSYPSd!>_|2MI$9_J4T43E{OK&JNmG$OPu`t4%^VrB;>g9s@EzMXjM}b8fu^14;fu@FOF>Dab5*iIhd#B?`zQS
zS)ZUTERcjNe8QitG3r{unQ2UQrU1HhzR8=84?9Vrt%=z+R^{_YH0i&xxl~I#5*k?N
zoKl2K7SArkGEuJLyz7`dAJ*cd!QY)KS}c7;{l(9#)QSmZCq5KikJpx!$(Y^7@%Tnl
zFscPkXpWRT>K+C^Z26?r%J;Of8oug_S9T8V$QQ50>nwpkdWNw6c-^=FgM6n<^?BIG
ze~bvsM4U@LzifL~hn3=FvM9YU%D{X3_3nksu*@+lGKg)`_*wgRP%A&udfVO8I;@!&
z!kdBz%j;k_o~p*}6a8#468}&&Tp^Qqj-&lmdi!Ae=k~M9Q}hVS@WPLniCL(O#3b0r
zN@NqA-ugpr?%O@w$lob;EYHJZ=#o8(li$l1-^LJjlR!YjEwF-Zl*8Z`ni_e8RX%#7
zqDdf|NeV){53SQ-cJg!4ifwOOXi43k2sTiPU!RQGY?X{}zWrf}D$RI>ObdpT%lmgE
z6eGjro4$E%(qU@*1I$VIlB$fG4OU2PFAvb&X
z+shkoI0__((j;#19bv*fAC<<_sv9m@8hXEcn+!GvggjCwSLyxJ!*t>CW69x8+`|5q
z#;bm8sAtJ~2SJCS!DHSSLITCDdLSdzi9Z@Xe@a)4I%>Xq&Q2n3pl=-0M$!sSV7;`M7OB5)k6fXrkI%f?ORw?bFho4rcmC(TyieM{KfrFVa@nx
zW6X9)N@zwO!vif!gMq8jW`bMpgWFq?+S;Qj(mvIU^IPZ%hE68+vD_&oG*rWCn_q*i
zJWfwDuh`I-5~yt+q|KcHJb2DveC5|SEs(hw>|2jt
z6Ya1vZE}O#_)m;B5Zx5L7>wyuYt$rrSf~l_Uxi4BOWF)>N}67l!ol0APd1&ZO)5LQzNamgvakLqN7~{7uViA@^mZuUa+gs(KS~qN&_mYr^lWP1E?F#K
zxA|%{06XeKErQ8_a-QjRy%HKvVRi3i=T@|73_;^+!s7aA8svnRKGKqqZLy$=Q2KxS
zHQXa7GHnue)|@3Je>GvIiAt=LxCHn5D3*8DWfOtUsnDwQ2y?wFN^6JrSxO~Q*Ri|P
zX!ChPr&VT-;X%|`X*|{cl<7q;WaZ_xD{T8BUInD1v}XGLOsN*A#=BfUBFI;8g+b|v
z3j+lKXl*?o*o#+<#Uiwr@{n~r6yw=#kgf$bfyPxwr+*~R^Fv^8&8CyWnIQ&SWzN|N
zu4(H8GyYEc={WVsLhUhL`4B~p0h8Hv$4~6zrpKc!2XL|0MQC^V`Q6hJ+jDe9Ma1DC
zru6c*z^~QoT7d-urSHB+3kc=vXl#nh*GZr%3tb)c!E6jH1})n`w~ys~#TaAUNL+Y8
zd;Hro+yw$zMpmo}gU9(4mW#GJ(6#t@hb<1V|JCjYb$W`
z6>yTf{dfy4?0+7}iCw3#``0neY_CoG4=|9iO>78z5-1Fx$XCwbs3tmNUb_*#MH9Q9
z8l_=okg50uytsHmLC7R>jOXX~x
z=gUs}jnE42!dXM<`?Z!m69$M6YQqm%@EOTocTp->1I8{E8?uf8AhVC6Xwf$*HMSK9
z!$#f6c|@fF9Ie;$inyU-XGS51pN8x{<=LFGwjWa#>}ubVCh>&PJ1E;((G?y??i>UO7=_rT>Qwo?tty+Fq2vEI0`
zF6QpZfDh;!!Q0$+u1iw6?I%oV5Dr-fU#V&|Z$?WA>*mgW_hye|zQ2kg#RMn6`=t4*
zAx;);`_OTG)#pk&-2=
zn!eX4-VKkBc6YhFn0Z!duwdIWbsoM;a=}cMZn;ionk|?ASn-S&R#_exm4KmN?a&u$
z`M6TaAe~}2Mpxf*9gX?B-IX*34BhVzV+wV$+nWdt8}Bk_K#e6qW_o&rt17$MyRug+I}ShYNLN3hFDhdQSg=(6txwo1<_BF4Gs#z%KDQ4h6u%~>iNYV9NpK~FWGSu!%Amg3*t)snIQXy`WnEG^!_zx
zN(!J%)?Xj+;u3@Gyr?q7Ww4qT6d5~?Mekcgu`IXgFJYG#>F)hGG}2?+@$
z6mFn|0;%^kiDz9t2^A|f7cE|O5L{?b09_8k4}3KGOcFLKCOC|>tgRSe;$#EZA|km{
z$^f9QO$tVPQ&{rxq8rtXdp~TDnw4HhE?>>81QgT*rRd7jtPn=2bRkFpx
zLVvySvEu?uiw}j_J2rh^4ozivRm4yHW6@su`SFrQaq9*>VXKo7TLd)5woi9m-j+hL
z!1DM*w-8w`BqlCw=bh|TmLt?ua|BI0L?CfFif=t6e5VhVp#fSd3h}`&
zm8fxmmlCBkNEZd@u;SLuj#Is!<~wnTI-3F}<76C4f0(?)dF2u+#nSJ~a%h&sMN)Z&
z<0P;t16Wg+@C8bI?k|vJMyvn_yR40akkf3x{(`T($8k54Vlb&AMerAJgZU!<@E3fL
zn6@yY*#3(aU602-$?b112tx}EbAOXVBz$CVG`E_jivN-xO?p~U+k&AnF*ZB|U$?u1
z8>U3tb~Pfb&AW*j9xeP%bYZSoQHOQgLU?!*EAgy
z33X1zca^S}n?c0-=$*HX^L2OVOc=flVM6#}MY1!Z=8N$A3`#Ab@n>F^s
z&Ha5Y)(nW+W^5&+c{2#xbR8!qMXpaUa<)8>WF(QtpSXSr*xvjgM4O8~K97qGUKZ%8
zwY7_#lQO@&*^LBpVrhlccU!I<2jg_tVXLcQFP>jKr}_Oj5bHYiO@9etg?Z&Blu0g9
z0@~s`EeQbz1qE|IEOSy*Q`0tQknzs4X64nSqpwI4NMi+Z43Hi$XfuIoD_T5L{cxhR
z_;uK*?pSN&qi}r}RxVFNhAd6iZJ0DAXdfe}O~&F#(J0AH9T5#yBB~kpAbR*Ex0n-R
ze2Z@Fx)U@}i$(zN2U^uwU?gc1{$W!F2%#W>{o(4$UQ5&6u+BF*xp~QM-)3u@Ui)&V
zT#0VB&yC4CUzcn_jY&f?h?ZWXNmtKTuF++NF(YbZts@11u=~8U;8#r;h(Ev1$cU&2
zkB4qt;cx~q6*r0g0)L;gAvdLy3WBqBAh}AirjeI_g-6SvmcrpqmlaX?-t+Vo{;WmK
z3+>#6neP9)%IbBErM6J@l
zymj*swdK
zIqMW%j}#IT>Io&BnVI2r9K6V~F~o>oB0hLqg#dUSeX`|QcJSP#Ts|W2_8>P2s90^c
zE-Nk^_i)|4gS(;xzZJ7!1oeF^NI?{^W-JhQ_Wh+^!v#?nrD-UVM^zRz#hxoj$o@Ap~Hj%OQyM&y>w?E^pwNoPQXX#7*44lBzW`KLpafK*~+FS{8uM?|x3l0fwm-r8oa;
zRW-|`fsYoK-RV|vA~Jn#ajD8m^WGP+pTomXF}2^PuxT7hU+ag>GJ2bpHeRt6mue_3
zvgOT0@BI!A1LL&PY=>1Pg&cphx(RrzjL$8r#iH(QJ8$3F9ZZJrr<@AfnSB}gMfg}e
zKr0$-D||Vt`fM~>S=(yY!SE_LkI%aJ4Em)}ncYQ55RC=S@O_eJQm}t7p5)(l{c>y|
zUV?VxqX}pYWRl1^T3YTm)0v@UFsWOM_pZ;es$h+;>mAh1;NIFn+(}s3=*dZ05Dteg
z!!MeFx=B%
z9deOY?n9s54^)rCgU~uU+A$m!-Q#%KfCTaGb#VD$1JlEsmqtOwr6rUDbQDqx$Ig78
z1qAeU0qjY&#D#3e_Ys3wGC=`>-c+c!IFVrm?@OXn0orAPM9rY!Hi6o7Ad$H8$`U5U
z{V;=VlkTW2{CQaDWp8jDt)ZQv!jFkfgpxid^kt6^LcOs2rqu8V2sRK1+EVFk-4DUd
z2^|z5{{Ni%TPKNj$9iG(!@f{uE4)
z!T@#j*{$nCk;a3nwABH?a+JpV`y&0|f}LzmJ(@q){7FXOv0>N;GWyVH7BV}qU)B~h
z4aYcQN2jIku>6Ki#!M2d5q~cN-nZEnYz8O_^k2!(8(?y!ud98wxBIj29?=9^>-Sxr
zM0q#1&h)=8#H=R1#F5b7!gPWWn!Cwy!t7(pcPmnqqGRJ}ZW|`sk#po%sQ;#L{~lH~
zREX7icX$@QtMP7UGf4c`OgF2N&p0s=@I#QB7osmSp}K~wo5=JUm=;lGR#i);+^|TV
zXh7etXYAV+-$TQ>9XiaAV!ZR$%KQryIC=KPA>Dh4r{d}urN@KKaYt31x^12x4JkL-h6g{xzjGcAZMcTR8f
zW$d8FeJ@143*Lo2S!H{yH@=M(w0TOgeg#VpmTtPd{DEsq@TfLJ3QeS=?N1{FdzMn-%J79zDQe~LZx_UFBB=@`B#c43
zSPj#}yrz1Hk5D(jU-?8hL=1{Iu|)X$j|srGMrzIkJf>$y
z*k+ezU`6uXh4ExbOYpvqPPa`g^#W8OqTux}EhLM9HJb1F$r`9)Ijx`n0#0XYW!)ma
z6&apBT)7HwxLR)YP&1Z4ieXSHk(99F%5t~~r5czX#C`ViDdZbw+Mi$lz9gN>Qz<{=
z*z>DWt$X-tx4n~tHh*%FDYS9>YK6+`{HztS32#y+zv7zf=Be$jZfF>DUTmu3Uvf&{
z+=%5Wo)N_*SC841a;~+_m)BoiQets$zQ(W1CzV>cXnk|{CDLX4C}qKclW<6N3{g-{
zBWg%fTRwEnvEk+m${F>)N+mobC(ZN+6uZ12k(&tNI7JSj7iwf>r$SBa7pV*${<-R&`7QfG~AM!mF%#^QpGNh
z)pngJl|@Vm9%YUG!!cyylexo6_u#Duj~qHpSL!Q!9F$9>&?~kn$IGdBXU=Pa+4Oqr
zs{?j<@H4m5QMy~MrMjBhuCaL{BluU5YGvz#{?;J3^3XW@jmd{BeXZ87MfH$hp*EOL
z+~7ARCqRp>(hd&*kY>;5wY)!e*uI$-WOyo*-<~Xw#=*@U;x5yl@?4td<*Gedi~kJY
zGVH`G%TwIfXSS~v+?-*Ji&XmPe17Ji}2n*gA8V$2clAHgd}NX#24iERDqqgDULEYGK5$%@#s?Y>
zs`}~9R~ZvFUp|a9;zMg`JGhH@G>X<_D
z(}S61g#A3dHXKeap>rsyVbn`)2Qlpda^n4_ToKfif~>n_`~f04Km`sk0|5ttDB
zf;83?V@_`POA_F-%k-+cyQy0QjMNnS)+F9Hpx1O~b((3np7kEuj*#4ji*=<`{&-8X
zH1+Iq8_LcZVm8evo75W0_blb3Zl4Izb4A6DE^4zGa94HJFE)T&W4zE&b~xk>*q|*7
zN&e+-J8zk|O$curp331P%v0RH9@AGbLs6h@X~hus6;h+Vp6$(cjCpbj8kE_XguL?_
zDb{Gxd$cBu?Vqk{y2z|-(FX6iv6pKyrV{_ZEnZz7`AqQctvyB(T1lQPmsJ{T9+^p~
zbNCkMGvx+tD0zP->oVii43DwREE!$z<;_arkp{eJ+sLW%vW@-i&C#3n8G_)i(6YTY
z{6OpI3h3TC_o>oXgM3p=E41_~r`a=m&*FB}&)pYYPn2RTRj*xr@cw1{_cCKEHxROi
z5!OvIurukX`SPGGSf;{l<>~`o|FJ|_5Db4E3Eo?czTRF{Ijz7}L4!1VC4T0@?_+a)
z=$BZ(XF%v=T_yvWQ(y8Cg9SvRny=mrtgt0FT9oO>I2|n^@=za?ZzFPUn>}m4qZs1W
zwxYmoRECECAetXtyn8vj@x5R5Gygr&2>U)A*s(6Lbgn^LyrXmCxedI{Ei-f$xv7A^v?vyY3!L4ulJ!3PkW&T7Q;*A=H
z=aOL^E2x=t7LrJ{&!8ZMJdT%uY0cuBdL!adH{N>64={(T3Vr`TRlGSrl0K(wQkPxK
z=Pc~u`PV?IaI?rcHjxMYV}vd0MPH+hRh@v!qyr+InmA+YWSrpNuL!1PBS%j;fZWzIF8Y#zo-keMVnOl
zwNGMcbwN~;f7Zt50{L>!EwxhBv}z{tmU3mgh?jkUs;^$(^=rQ+uLq<043{ScU2Ac7
z2P`>Q<*P+H+#>46mP3AQ)Rfmnx!E;UiYE*CQ0@kt&cR|b?7zqK24LsSeMqS2
z`{(HrY#H1wpWjwmN#S_ULTA_QdR#Z(n0|V)hz$ysUW*)^peKXtiIp)wP_n
zzw{-6n2^@kT_g8HYYDBKD})vm_W@3Rtp(24Q_jZ
z^jq*C7=HwhP?Wucl&4{CAg|L-&v_Og%?qqpRJY4^*dHCK3f%l_I@@PbT#%%&WOiP_
z;WB~+_n4(?=ECt|vg0+emhHhRIa8%A&M$DB_g7!0#wx@63fMhx3nkzbtDcqe9p_DgECURgG^>op*i7!()CC;3-iRO(Fm1$|T!n!K`5FXX+k}_g8@*SOt&e4qAr!twW=3f|Yx#y?fqHqb)*;I=n`)och*riNO4C{{3NZzr%eXnN>`pM5ie1)3()|xxJyrA=c>!
zB(`_%#XoQTY#mccs}@*$Ufhv5^(TU8luXdG2(=Rr2yB2jqi6;8@SfKUYU{aF{zz?W
zvv5pQSHr?Es=d)DkmvB-QS9)yWt`&D0q-c`NFQ6TGfsY*AJCnv@ECKQytKf9y>_##
zDat6K*_MnQRu`kSo-kl8G~%Er|2Xzp?=ZtV@Z^krfOXHY66)T0(8gZ+3-4hPlMAtCj$jz^gAQ@qc0uNPwTW`
zr%8x1(60R66EB;9gsfsj!-E9Y`xRuw&NbGWSAoICS;&
z%xzhR*;9|>=0fJTKi2hiQEd&hKA%Y!6O5Q<44fHD0>@8n71}>GKHn%Una@5l*m5QJ
zm*)~u&Zl8-MQv!YvduLguFiA!oO(Ys?$td7!)cr7X~ZntiE5K_YSj0LsJpC$1Q!~X
zS~b7_`GMxEd2(oI=v9rI>0w24gbkj>{J}z*wB~W%)|VmgXMz<=>|^zA@jQ`F=8kIW
z$DJjbjjU$N={017^;x9;LJm#)d5wCdO1e-21AjDm@|Mf&4=fniY@YAE=<~
zug&aOY7!Ifm4%d0#RrcgDlI7F=WTor1PF-0MBt_Wlo?kwK>_+HicC;z3mwIZ({|9S
zg$p+gXPzcGs!uH;Goib9@{57Ir6Fs-ewDlJ@&vxOP+*xRFD&4oy*TLRb$`6*d9`08
z7qv;-$kFq2+VE-wY-Y3YZYP?JK54O91MDE;qKkiOu`woq&4QGU?8{a(TRTMCSsq1s
zZFg#eEP9#A(gkiTO|G-56o4f9sI7@(*&X#ZlR~Fk=sydY
z)=DKx_!x}oAhOU67q6k!GJzDRxV@eXsx#WEpBxT~;2T&ftkFhnPV&2@41glHAIbra
z;>pqe5g)#JV0{S+t4x25IQl!=|Kt9AY22beZPVtalLn*NTb2L(srMyC0YXQx8+CyI
zgUK07xfICDJ2yRM-~DqV4|2e&C!zryTxKRsyI{R_p#7|7bQx7yR7Zq>&{2EcB^aY4
z^$vH844{b>_QL_cZWedW#!SrS={9Ig7%>E>~Ef>q?joF0wjS&MOIvevEEycx$
zR&2RUA4lYc7p7a{>4J-`}TE}WMtQnqqM_rU@k*4e6
z-I!psgPR;kVqFVvPak`jDir=g@o
zY|VT=>TcZTH|`%1`8;Hy*_>A?F3d~78GO(JiAf=F-yQGsU-<4N&Jm{Jk2CB)eg2b0-eS=(X0Jh%|!=xBj}wU-+>H7~zp$1=DNri0>z~$OAPN-29gTTnTWZBlz-WLg}4kpr|PPTKj36EmB@9JCF1U@!Ovo$V&OTZk){<5dDDp;R4~)&5(Ah
zgmNO|;|ey&w)RHBNtx2VNhf@uw-K`TK!0fyYx2RUIO37Es>b9we|J+fdXx3z;bm;;
ziW6KU=vEOyovk>rUdr+?K5gGx5{TkG)ee?xP|KAZ9%L6KMVhR-w6vdd%wp~^zYL_3o#>VRYPz4R1Gy
zdmie#=;$mh2qdGVO(9GR4LXnAbFg^yD`#a*btqI(30H@vjDrf))}KEzwvRnT4Wp2E
zjbY46Qbw#dkEF8Q$S^?jY9k3A+dMELWe5`{)PAw?#g71Ob|g62MeR`Dccng89Pten
zYv^*96ZNUil>GGAqEBYM{?^@(4R8@OE~+dYR#sZZ6W-l6<}WnG2Q)&`Hn%1xwLa+?
z+E3jESVqmIY*ua;K5~QSo07L}kH;c++a-j;`(nN~2wf>}XpScsU`y}~TLHmf=5^Qy
zaAz$dmBh3Q+B
z9tp#>)9Sz+i3Bd4b^&zDrqgbK8SSEdyD*0k2{8-)L^V6>Yhyn;*g?=~KAEE+IJG9U
z6p^W^j;l2}b#TcLQ#X~qQ#l{VjB;$&&eo8JQ|eBu2wRjKH%4t3-fMh@*jKmg7eG6G
z-Pagswx|-DnH;1PixMQ3)6kc}V$4;WUlv9c|lFhk|Ht%tQ
zDJnyBd`?{qD3f^Y#FaET)3f9(kOERSeqhMVHi?g*Z^(`)%E}+WN3Snt=;KAprpGPR
znDkR;NcKJ8W&R2leHb5mREL?~RX|M?l%JPxc-a~4`V_mAsu{3!ZQmc?Sq!BY&U%MI
zBRx#EbCFh)!J0>ID1GQSY79SW>f0#^=jS=H&vOxb17eLuOPP3^B8!b_RINMYf0)bX
zHb5!s^rf>XLf%3x?%|}|QxKWWC){Q3WHyH#_GIGfH2O3NTT`vYH7x27upo(kpNw2}=oOao#I>8xQ%@_@7^o%z8@(WO6?d}do;QQyKt*o{W
zE&*>FUqmXcyI*f5TyO2)lzD9^yJfge1e{6J^E&r)&qT^Cst-fq%uiGv8Cf)ytuXP(
z(Sz&hDw47FI&fk>M|4+{yxV67%bW7Ca}`g3>}*%BDqh*oUObIG7w=rRy`bjEoF=
zg4w70jO^dVWsmc6H`ZI?XznXZgBgU0@$p02q3KfX=LHEn*W#Qa9=9DSdNrC&1gNK!
zX8q~K%l+Zk3*;5iBN+TVSUV=*B9E_KbcPz$l&MO;zUtMRFRvNfOy)k;IIZ87nPM*n
zMfe!C7SbpeC9yc10(I+cx|OCU{Q}bzxY+ujB)(%@U(7vc?NC#(%u`)mT@hcFi2^6=
zpA_4Nt@Zaxs4Zu=L$i@%jFLa0Y?#^yPaMtu|279gGmw;&bP@7??Rt%OQ*%$7q)*4H
zvOmCF!eT*iT0lvM?NK;VS;8wRvfSlVZ{!8#2z%r8w|LVKFshReL2L_4}iP~
ztg5LwA`4d$OQBme+?
z4;Vi&C4E&+chfnYAld)`VIZ1fV+rcWTo@r(2?L9bGjW|z|CdK&cRpr_3n;KgB}=f&
zVDze{{xhm4+&Cx?Ncst#A4?)Kbn{Q98%3s|AWm$8AJ@I9
z8d(Qy+}9sb-E-pjXCB)&&U>J=e*h=FBsCtwt5?0g=DMvw_rweU@K5;gL!jJ&LBE#A
zer)*m5v$WZwRg8B4%MA5>4tIfzxEeFq;j^K+2fwgD4N|#%DEljqy!99bClRv&?gf25<~$vFK~x0lB)5$^1^?IlFF0oj{p&h
zK_O}Q@W%Yx8^t}7xq(5Miyb~>r{Xir=8>IBKuCj6iK=%|pFQKlV@lRMTPaBC!B#3Z
z=rDjU{8NtuD%*q`MX?xEf}t>-SMPbv5p0;cOi9qe1ysIGfe+~SPp>=@90~FLiHtoV
zlx+9X->Wn*P`VZ(JjokdD2TuT-(KSUZejzg``yGwf%r)H(JIcusEobvkTeT&d4o;W
z04Cv`YgKP@o_|k;Zr<>H_G+ElYNZVq#U(5TDjlv%{q=uS9-Ua}ac5|E)$BFFk+x&+
z^g2?Z(4E|YSFg*VxTSP)Z7-6hzC#-;xxwTIQv1?=rx#bg`)}Vgo)*86%uHD(T5Etb
zb9*D~)lhCLQS||S)>Z!(liL+&<9cd>fLgNP=|^)|cKLrxRdixN{sQxD;R@vjdXzY7
z#6&*tFN?*rKZLw?dp^~E9R~VcRQkJ5fFgd^K?~MHt>Py0Mu*ZJ9RoJ!w=VsudH$(R
ze;MvwP=oV>4d8jn{vFu0zsf6NPi0vskZBwKK-dsnG$`F~I|%=NUm%CFFp4fDBDxD|
zdGQ~Y`qY$;r{Jn(zv&t{l9?Zwb_kmf6?hT)qKje~>pzzel`M1$pGYJ_-@!+$lSRbh
z($*&1^qF!7ndh4@;@!?YKt2i>g;#Wh^ULNcd_wn`MRLr#xTfM}
zVn1Jw>&-L4Gyg&ZWS8H*Q
zP21Cv{;>z~uCD@_gJy#=l+o%h{0u6jF63Kai$^4_YLj$=Hy}BPN>gMqofnTg79<|t
z&SInOE?z@#6KPr!rQKiD43J^Gb>
z`Ta4h=JxCEzQBfoXsv#Ep>{I9tN=74jw#
z7bJzh2_O!=J?HC^Rr*oKKmBvvzB2{yhHR^qc>G-`qC=)XW&j)19YB3L%Ws&%+(7qLwc{8oKtVVqlWqTs1TlJ}kn~xR)
z0U94ZKEe;6?!U`m?_Jj3N9FqKCp68TkWPjkESQl}jjXUTiU?iK&_sotJ%l
zRwh&1%|rU`IiAsCjg*e>gJVV$mc64~i-(xIpWKHSl6pRJa$XFi_~`eASbFyzS;=yu
zzKby%)pFq?)G=Rk$WWLWE?%ieN>Lp-kTCA~?I+@yga!8!y_#j
z{5=YkATb@1L&g+Pdb;_lb;Kd(T*Z|t0)$ttGETMoIdV25oXf7p4z3gJ)`Bj}6e_>!
z9ebS24+%thmhcw~&E&^{F_i808N~N|Qr-uWJe-JGkYu?@l{5{%&)lQTHLz0Tr~#a1
zWMT%zZ?2RY#CcWBBZnn)p|OUZNfK;Sc!jF%fB?{hFbNoyY5CkM(u!XW50if!V3jCT`-B`8mD4
z=eT)8A1!9Kc}9mL-oj~f)#hoY2F>mbhp%qoY*V>P-3gi>ms#z)4{mALN@oq;tC1J>
zPzzS%L~!vYCf}P?Mj+rb;5^+8989?!P2VHt24bm^W@&aF|(9
zr78Ihp)EKEF6d9nVTtq81;?v1PY))x8b9mg{$Rxx)QEMSx#`Y1Zb`oJkd~ajxv$+-
zztU{LRMlvYNh^VHcNR$ya91Is{GO2dr~l*Cg-mP6$JyCP=RXTt@W*F;=lvfP06=#8
zB^5#*E^^~);*)rbJ=E&)xH%)8Q!>sA+1&7syU3YtfU7(=)q1l1b(fiIk@U&j!g*`w
zNs{K-+4`48qhG}|>tt=Xoa&mJpvU%fhqEtAeA2`OZ&9PP&Cf3kp?nEx&7w+ciH1-6
zHw;@viw0IZgJh3-YzMTumA8v0i3qhNsWpxrKPO@(gOG-?lV>Y*Hpk;ldPZ)xs?QT&
zGa1WULk4%X-1ozAi*!`+a{4J3UbYbk;2n#Ai}0%wQLt;UhhV2s!EjgNlTLu)PG3+LQhM42|jBw`=Ch8_0#=LB!-)7UW~
z?TS5JvX|0lYCbUv(WV;xpI)WQ^6Hzo)P)CcC&$M@W>r@uix11JD+>0UYGx6E@x!h1
zu@(bE=+!lTlodHYW(#4Tp3E{;)#Ss&F^!JZE?`AlC8
zGvWU|>LDcuPX>KnIXph0yj`m?e3Qxo$V5|v>)(vDS=#ql?so@)rIHEE*x>eKQ{^Q1
z>_F#U?D0I-EM_$8`s>|D7c5uDw)in>UO%dcew?)kTEo_d#%x6iQ4j_9l+f|D^7FLA
zNC=hAXkJuI_gMsa`9*R_i2IrRvs>pTU*x^Cr>C8fqhX>C+QNQ^uY#6oxI83-PL7
zVy!C}w0WC$qT?O(5~1;2i^~R3{05-Wzr_br6U6`S-hO!n05UO~p@U_Twv>KHl_@+}
ze>YnHg!`eKZwzkE|r+cmWpGo4mAzYy|tO{9+L#X$==V9|2g9z`7qYKLI8zLQ_U
zx!$V-4*pwjzFv;MSnfFvNqyL>J6-Q~t35o+j&rt96biV_aCl~}k5S?8Dw*mW8Mhp1
zsd(ruCxv}T$f}TfXn66ZW?yqjal`}C+gRcq0|s9mYp*|}4Bgb%k~ec2pK%^HpI_lx
zHZwg9v27;>^p|Y0+kN{SbnJN;;K?YJ4leCvd;|W0SK(gxPTZBXrXs|jbS2n
zUHtbJ`dOLbkEdfv)u+SYsd1(GHewT6%fX94uDhP^1k(p@!|_mpbg$+jnzH6cI$c**
zOpnS`b^YHq!ukjZNoF`3d)(YDztdsCn6lOpW(#sL?{~+V5hrkex%`W`NiX7ifSpH+_&tC<)Nv!C2Y%6
zmqq(|qMyubO!qk}SyK@a&##f;E|8F~P>?Q={QThHinru%Dr&e&aqnoB)r_KlhKql&
z=aLWN#z@OedYKs@Ob%{I=%bSu{taHh#L1ey!2Aas>6ch*^b$t|)@yx@6~!$ZALVHJ
zEoQ{O2+w&RpkKnHSBqrboJE*;$Ri~04p@vQaF(fqzskt(X)1GK_ycB;O+8zO`v^*JFF}P+mEz
zPjY}jvj?1HZAFA%rus_Ai=h(HTc
z8D}+%CvjSZ_^7S_f9$szov5;$Wo+YnLUbkbe^br+yF`CAJ06f#KQ
zinB;_D`%nmypg&prw=UUWP1GWH+gWUo$$TCf`c%)0NA|xUiPLl6NH3CZzCh+8ZQRG
zcIm72kI}satCtbHW~BgG=AJRTKU7u96wp05)+O_K^J6X7jdH38moUFMhw8@=dCTSl
zVTLR}C&*YT&m|jT&e`sB+`Xb+BZF3T$s`?#-e$4;VGP1(plb3hrR})21Ea^YiFvdUhu8E%x
zz9goS6@hTX0>i7v-j8dqggoup1(y_lDd}4(ug)_F*Sri(9Rh?kAMciz>^mN3BjEef
z!5>~334XQMni$aBuA}&sj$+$dPdc%m^e}<+PdFeMgHL{J>pO!P@pm^>(8+fv^0vI!)Nm~wDcBRI
z^kR|o94RJo7;3tTYBnDX3_chbIr=CQ0U3>QOq}BItI&|NkkHSz4|iQ5CnI3OdK|QX
zhX_@C0y6m#=C^ODvJ-kOyXC2H>K#*urbLv7C(2GX^4=bllo=tk-G8Z~U^@I*IpD3;
z0%K3V`KBl(;QjmeH#Xh5IJl+nTV+Ch11!XhYr=od4{;!g|0hhr^G=%bR&s~{Ln&v`
zJxON=$0JJOjO1!(WiiRRBGT8Wf+YISm;hEetN|0i#{W;rdUjz2XIykEl$;71B~z?i
z>TJx3O}e>}`znF(F0}S}V%8bbiXkElCC1-Vq>T1SNkIl+oSl^8@9X8_B2gR+45s7z
z{(tp3;1r+PNf~j~B*I5xP?DZ_3;cUa3TAw}5&jOiF}evVMTH&k?rZGS&=$&P68JSe
zeI`7&lO|_gzz1^k)Mzbv+34ge(JwA@^KhLnE%q9rT;0%AH73psm^IWk2iy?pRQnO>sfcrS!k0+;c4gaK5+}9_b@GO2|z;Zv9t3<4Hz_N1{>p{(`=+n4q
zl_oPYe>V7|yO#m-Z#T7qrLMo4MZ9}l{{oYff9BPsHZgFG(Np=RtIc6
zm#?8*cuC@KpGsTWbRH28Y36;*M~`&@~NDAJ6yE#pXpX+$>Q<38_1_``ez_f
zmYOyPq;((rY?4OTMwTrd*{JFPQu}Y$M0R;RQ=|v)5#cFvUiG=_@JX5YH~u7z*Ki}d
z6)~d;7pimYte^|8c+#x8WqH{l$AaN%jqUjJ5dD6ffLDCt4Tp#fia;Is5Ynb?Cw3)?
zh0hRuR!Q^9vR9!$%`t
zTOEt!$KfUp5b}KZkeo)CmaeZfaIj|66Y*1&b$H=EB7OPzMweZnsI=jdaPn0zJUkUP
zUTLSu_2Fk4o_O|D>T*>}M~F=QPwjbx?Zm0Ge4QjA1*~
z#ObgeEO!iZSEu&j4dl)IiiMhrxi>F1QnTmJJN7}K?yT2Du1_i6mK{h6O)dZt-Oi}M
z4xWA|q?$;H|H~J>yhBBZg1X5BvpGPRx(+#C=!KxkJeTjw9thU=PKxedxx-y?`;b0`fh*(dz%uqnuIZ0O=k+`
zJ4IYM0v~16rPpO=|FF7;Tc_UxgO&vK4vi%B9Nc9!vNG3ilPL(IwKNkl6ZGWi6(W$I
zKSz#`8e}fW&6hDXBF}wGO^@xBXC^6WfhXoK5UYz)4Ly~P6K;bZd_140AP=7SpkP|9
zB?Xz48ZB*Wd1QQyIr(VDIao2u)LOu{LPcL6@piE!256d>vv2m&nOrL~BS_NvJi~y^
z38bH4G8mXjp6*3|I4e*Tii?Y-WFnO1Kb$5gJ#=QJ-3~CoRX}F
zzwyIiVcSep)z~=x-D^=&${$MFlj-t07;?~6(s^u}LG=C(1=_Zv-6gzI!Q;D1($
z4z#zvN8EXHg4hVvEG?f(;qse$fr4_+GKfod>r-bdmyHt05Pd%
z4_=7XolIp-I<}99efP0_784fHc(9n7p_8)df3?wPKuJ7L$r343JCp3#ac>?N8*ZSG
zj=kg0gF609$7~lk1$eT4*{%$tol4)Yz5#Kpo^SRA-C0mcXw3SCk)2KXQ)%4lh
z);#BOJJ97`n{M)N)XCy|4{yH4Ppb6J*LM37J(FBp3WSVahbccLe^C$hEGz>
zw;@A+$Cds#_TN23fu*u){wul-Fcmf!ii>EzUxG91p6tz@-AI|`Ng*7uG~2UswpjqZ
z)t`TGAF7J~0F9E&lfIpN25V#}5*GZpD5Z52LF^e-G5De_CHSDk^w2_{;(frmV(Fty
z)TdBwi-peXFIpLV#!-$Kw^(~N%)KDCYiRLXvNvJcD2#&GbG#%Hjw#H9;@Ru%mgquKMi%i(0XT~>EVY0fj~?F
zG8b;1CWjwggYmTK0EL6flM&qCVFH2Q*4h!mp~x3KzSDqG)zV8bo<+TKesa=^qdT#d
z!J+A*l2yLfzpsmydP{^)8^Wsdf&1H!R49K$C
zpf5^Oz>SxsU*6AIA6kKnd#W8IUm=_fZ5Vfn@EeCuFt|9R_#A=axe__=$sV0&&>J>A
z+dqwupkKayqd)cKZHrzz-v_C&N^MKrX>M^X=FEEEwZzI@!l-xCACEzN?ksd+6frIi
zO^MkwQ+{u%(Zh2g*GUG{Xxgwqq`Db3J0!HKY5H?Vd7cvOCBQcHPx*(4g1#k{U)fef
zs=k^UM7P_rvnces^~b?B4kTf14P?&l>N=DjUfRL`Jw_8EgYLq~?`o1#g(F6@yVw=y
z%5-YYF;%YS$F}wz{7w;uVqZQ^XQtIt$Y3(H$E+KITFbS78drae!s`1RRFpjA_k#%ALKNkftCe8(DZ
zD^zz)*pc_FWo$I2i@{R0J<~B0g&Xa*+=eMUH7u_7T;@vq
zme2h8+KT9J4yS)E&i&;{eKcxvSy(48OR9bVdChZl^l1G{jKMN%Yr9>Au^uBwb6u^$
z%gapPyS+~+IA(UdzH9|`Z8i6<6;vRRG(CBd;^?t{zlvqQt_iNmouRQ;zEjJMCoRYA
zL_)p~*HcM{=Rdd_qyYMIE}HOB>HLH0JUUE1lr>Zevm#2#R3U`S9OF>QJA^h^rbAYf3
zg>HeIoc!tONlLT#lG)_=1@f*(tmT%=JO`(ul({)==^J(sGtwwjs(kpl)X1nTIwq#X
zO74bo7-8&*l*yzGmHA?aJrAb*$$9q?LeMw?xiyn~RJ1s?Z@>@3*xOoH*ju1(HDGBp
ztxTwe@QKp(q$!dURm)E>Tua38!cjxnE+q`)Rw4dspf6@a)zmEUr4nv5x`Dc>sfkG*
z-mK#yK3(TQ?dJTv#&p~Lk@Z>pPuDik_=R3fsl7%ts9_q{lsY>O=GVJlSrK5u=vEn}
z%fA;`zfGwV4w6{|6RHDSW%nQb*--bwkPP1aSN{pLvHT*9;Q&NZ1~tD!sMI*LLEm=Y
ztWT(n1EtBDJ?4Luf&Z$MW2XF-zW_vH0y%Nt!p$Sp(^cB*4Gzf5SukpZ9=iL8_C~|3
z(fps>O~BhN|u@stkJ8Vo8Qnpo^2I{iH*@~+#G^d;l@F1$h}
z+TL}E(q~`-{E@t{0>96r+(82e<_R9aX*h+mtAhSf4*pYHTsQpvPTr5f7~K3F$N%%L
z{;&Sr!vu_1394$!;9C5sxibAh*1p7=1{jjS+Eae*1OAWpOEn-ag?TO%Ej#wW-N#{-
zERa*;*c13a>DR;*c>H46+7$W>P?_t-B%b{wLi8Us+~1oI@p
z(a_P$vI)GAp9Miip31r$KsUfg$xOJt_|iYw`>!8U<~3TtOnIJCvHx7$mPL$3wj!x#
zTe?{M#j}5tqx-Fy`QCqUVa%2z+I`M#FNwX)TA~nIN42y>tOwFt;Z9$r@ph*D4vYEh
zU#wR_BXCf?HuP>1rhJ^S%MN+o+40vuWJk#?tmg`$6FIE9`X$yJ4ynJFqE1zwN#hBwK=4nJRLRE8JtnE!X(zF3$
zy|hua3o-e@EwD!`w_uW3?!*U)>F{1#^((Pyb;WSr>ePk9^!Z}fnZ6;sQNQGjdy79bBNu0Q7o4?+Er#0vx*4~^nd5z-phD(pwe^!s-}A@k
zR~f!n`KKGSvUl3Yjmj8k7w`kt$w@P;2Wxh8J@bAH<|ox>yZt9ic5x`OP#$u
zU;Ael4faRW{qCkXdGq7K@2X3yjewc(>eH`-!%?Jy0l=^m$#b5ErtcqhmC!|)tSh9Y
zxu2}p@AZ8cUi|sH%
zzC*GuP3E<(Pus@oI{ZF9kKXnfY)ciF_k>HkG~ynt>^CsyMPv=k1P-?7ztOqLZPD9B@7j9o?nF
zuTE2`yk~)@sh!=vJ#z4Z|S-fV{xz)JxE^-et;Vf^RSUQt2qwK5Y
z{aqZUUVn5==xcxXkBjzS=EwZsm*~!Ve;u{mcX+w=!}cr2!Sqjf(IN;V=e{hT!?`$Hf=!FZ@{zo^GVkpBv0dBCpC)~TN&&+xjzVrUPYiqIT+)5p7zv2^qI(l+SBI?rw}~~r@~R69
z<7B$0^8pk`{uYZzO!NN!GBF&6ep+AWDr|j^d@{MirFpvT-j6{jUz?viL+|Y`?~sKH
z!|d(2SZ93(nxdmBGXodz)2MkwKvryDppWA1DkmVyEXay$FEn((Y(qH2LU#fbguJ$E
zcJXR@xt~t?na#oS3Qs9*3cB|fEwP$%I(hmu@q>Bn`n-Ud9=3kxlBr)-ZUbV&97nt!kphXZ}(`5{lS~=DgV{lj~3^N&F9%ORw-PX
z`J{YWABBGK>{w~q2AyIERLl(=_dksviCTa2yr7p3RLZ%yVrG3#dirVji1vWwfL5dJ
zvD-KiZ@=~_r=DsDeqVjXc^J^9xu@c0x1?Ho)1XV%Uz0C=Zy|@4**VI8b0Q+-5#JIE
zC9hSoi|o(k%WNF1Zy2<@-=$ols>M7!lV}0ktpB9&1}_iazCDFPQ;@=?%zfK;9HR&K
zY{f3t%Z}An+|q0-N{{@WfL;d4V|%Eo1Fas66e4W0TI(Dox8_ZuGZw
zjog?MQE)9|Kh!Ew>EKc>)u}m1i2)bY`P<+tk-baLI{ZU)Q^dgWSF&c^YBEZ&uA&%Z
zdTX`(8u%dV%fqV{4%Ul|<$Rp?*SJQGZtuUR-(LCY2f_9RuWzX73BvaNLjV1U=cm6C5J8s>cj=Z9ORilJe{6Y{qEQpHR)PHOw*Rzr%^W3VYdgq;)UhN$lG-4dA#E%s<{&uKRB!yWfbY@
z@>S)!8J1*ixIfg7nw=Ur$*`t>cK!TL;s^WB)YQ}^B=@Liwe~PN{Ae`hyos{&x`{Ys
zgzrND0&NA>l7it8n)I+KrG!k;6SU_d?&6y>F6WSMC|njQliQoQ?M+;d-R$?gz%vfx
z*`TW0VYY>QCzC}+K|y~_)q}^q;Ag4NAfrC^!7?_ue&=&zV`GkkD;m&TiJy`D;KwVe
z{Ne8C+x1cN{+E}GYW$Vw!I|;*)1I}f8DCAXL;EJL*BT!!+~wlGnS7(md+hP&Irexu
zpE57Xi_+;}Rc~F_9?k5(kL+Y$6qi2}a=#gPVXlHeOIuh|b=%u!m5{$cga1DN4a4U+
zD7?L$CvoEXQDJ?XYr$vcS=kI@6=pn{!G$EDI~THSi)r48FCh@;-Tb-LU)vi+M*VP$
zlkiDjy9Nk&6T1vOo*pkav
zlFDaqlFgnn
zR%a_(PcziHjN>yTE?#wiy`sNEKGb0{cLKRc9huvJgD}D#>80}NXd6+06$-!cBEI}pwlC+;SVM64F|Zkm393HRmIRbBL`p4vH9
zI=0_Qdtg=hBPTa#cJEt2QaX+%WDxQO3Ps^7zC}9r9nFoIAB!)&_oW3{XPZ$WP~l>R
z^%{lN#wU{`9gwLD_^+THS~?_;8ZF=tUIviCDN9?=b5WzLX0A5T*1q>AUPhE31FUM|
zefL@;BBEjtH7dYS+gkYsYzC8NsFKBiJT4O6AlMX5a@yGN>z695}Kw;K{@*yf;smTdJj
z-3hm9WwDvNSI~AZK*k_|)cTBIB~g>*Q^H8dK;wXeu+n?ql`L7>q-k*)ycyNYkPq1L
z^7*zhVWXwOh-OR30rJiYsvhs1#Ze+B2Jx}9^s6eiF)x+7lq4h3(IXSOS|7@cnxD7)
z{A7DeK#yWrJpF}5d@e-e3-ywKUnZ^F`VFZcIqO9Eb`Kv(8c-MGILRh6d*
zy01nd0T$Sg|69ctWIduLfo&;`)W!I)_KbLZ+4sW7TE+o|$q*D@tBRW!gbgl5IviKS
zlAM^{(A|=2GZsDwGSRjanaRi?a^D>^PUj~uGj0^?$!j5YY5!H3`Fl&gSa3U(>q?h
zb9FP+Vu%X#S?{~8$afH0a+F@j4SC+NdR1v>^{49arW5|!Pr3Q{AdDTFkQ$eo8mr!k
zRVgj3JP_#uKVN}Rqi1Vq5@fEPtN)_D{EckuSXgU9Oo9zBCSM?OE@W*fX6JD~WfyvI
z0PP9MDjKl(>91M-s=-v8x^N3??`n-0G2AGNTZo5-yHvSwj)VQGGL|5PzEXMJZG-Y}x1?-yUmv7mf*j9l&w69ezZ*Aj5K
zfNDe|aV+{YPn@#I&~1GI`vE}b^vl9?j!bzh#_BoutDWAy-fgwIhN++?b`_g=8=cAI
z-F1bM_@$1Ei@WvmhPBmd
z&tYwSUxE*zc4Ff4GYcYQZB54KW9fWri;tZPNk+s?=YCr=3hEU;
z8&l(?kHsM@N=wh}tNkaOpPua7)DrlRD=%N{uyas!wr-k3AL?%)!-Il1SX%~pE7
zjGdO+UwE@_I`DCjATkwvBm2HVC78v`(oIuNz9;2jwW|80Nqa0NjGQ{htXIMW!tI8E
zn$HmVo_$r1*yZcO5-S}iXT-bLROazNB`!R5S*h7s_)1%i*N1u@4U%=rHu2H#+6Q~)
zP0dp0)v}=Ma9<7I!6;`ZMqN&Ci;5TEsd76D4+B)WN#seI!vtMLFEQ(5;FtMz(uJLf
z(j=w{Q6v^2TQ6m7Npbao{7WL~Z!2qn73HeZ*K{A>
zycypeU`x_FM3Gy~KCA_*ciFWMTT+WlBuv#3{L)XDSJ%CJEuy613cvOy7+P$~Oi${&
zpxPE_bnsKvF>Rvi;ES2=risIhi|-oyRQPfZeZSHx&;^TNjEbdl>)`v)sL-$4>l%T~W6$o#
zWru*!{?wz}jYr}52@4Y*6B=L7{U=#@z6ODvT~@ET!%KU$+%WOmJ$WaL+goPZYH@MQ
zTgUsl;Z=H*<}{rB9`gk1&Wu?&i5^Vz}et>r}1_k
zw_olSYgb-Z2-D%V-Op&y+W3f+f8Hr4oBk$a$6!25&(
zScp#Ne)0IF3)*XRwr5xU;mK(!qL-TFr&0vZI8Qf+Ce%h=;o;n2M>LOcGr}|Ql@U%SSn8{?o1UYx`ISPBNwX{BSgWDTP8RpfWzPV=-k*r
zGrr@_E%)UEVd5h?u924OGolp{mdASs%Lb@sr;0e`9&4zK{IFC>nr0vtuczz#kSQNK
z7ae*t{F3dPvKl0w+Y8xar)|7sNGd*2yY&peb*)xLc6~bpU@o;u}%e6!Ix;yT?W(&-W@CBOrd@
zm5sz9B*Y_5go>7ty`+<4cu|@HO(Hb+dPk6|C`E<`lJ5wX=d8)+!4cwYr#L}`!{6afJVro;R!4De$X`m^r
zW#y@)Ic@_F$3(d`J&=oOhiScDvT5dP{jp)r?H)tPwBGzHvV@!E?xFQC`qR~=02!iE
zNhKdye1^}@bL)&7_WF)MW6n}U%Y}A*{`TGq@i$pkW0yB)=Um52Zq$~;XZ$xCU&v4b
zlS|2Kb8XStI=rukHtauN)KwmoJ99fcdT|~sGD!P+`VJ>gb1wPAgcl{rIO?_aal%1)ymac{7)nKeuX*`x_9npYkg0ktmgmUp*xl9h9y>MKS5YGi!m$tk-uW>hA>li1
zVurg2Orn;~3S$PbqfNJgVg&j(>oBy!R-vz1Y^ZnELo#$GsG(XD-&Ses-qbcuY;6T!*7
z34H*>R$YlhP@{&&qR+2g1y1h922k6DjVwo9e|gWfjko!-b5K+A@br!D5f!!x?bN4L
zzDTO~cu=MsyF2o_Ki||_DjJk>00*&u(^XCoksP!oPOLQx>f4bg!!l3`RXN-n<7;<2
z$3PoKN4s>r_YIbDy>E&VRo=A0-H-2~%(&U!w{PbqmB^WzKllXCXzz9CLp%3v8Jdus
zFeTL5yr*JB9dB$=BfqmS)Ic~j6d6ZZH`9u7aWnE&uETE*-*+v
zxmi?-eobfP@rrE!n0?qE=DA>CQu}rG{gGCk)y$Q>&-zj!r*umBc}ugvjy}su8O}EAQ%#sklnq_CkM6$M1)YI8Qd79uOxWBw%
zmAA<}ZxAxHL1yQNU9RbJzH!Ze6x$nX=oG+fv{|o;eQtD4^i14_0e#%8-+;bHS*AAk>o6uOVTNoa&oH*
zdrb|xQ^evQ>XfUY-N038*evP1{A^Ls@B~}&}F?SMU
zO!mQ#>Q9rqwY-spe9%M61d&Mbz_SVbhwz#h!sdauKUCNEFYUE(Kzr@>4dzU~xEQY(D2iFb
z7r!a+^4Sv^$>`w+`6y->v;S?}>Mwye;5yG?PX7HO1Tf$K(qF^-E!FlFs6PF3
zb^hRTK=iP2*c*EvP3(d>P-YrcRM`-iB1;qASi!9VuCC+4jaJ;!04Efk>R^NPbWb~xF`H3=q*JG;UVfde_&9zkrB}(L4+QSzFlQK
zbNZ62gM)>Efq$=2)z;*@YA-UkrZbiSkBpi9&`
zF@S-AApH5UIyWQ4N?#KTlDyg>gX-!p(TcGfP8L5WDfURb&Hgk$IQzQBsxmPFf7i2T
z<#D$ncILt`c7o1iN;=0^;04YL&!0ULIOOz-3tOs=NBzrD#Hb^b4N*C|1d-xxVQR!L
z9r_k}M`s>ys=hzC#=Z+6mga0KceBU=Bw>wgOi)L&CR0WOdwW_BzPGyeo6&BvvD^nY{-RDRx+$Ttp@6+}cxL7>L|e&`RoenLrzG6*GWUwdycaR^_Hri^^JyJ?
zVe&c!^qSbgMp8s|PB!A&P4M97`nK<;ijk#T2bQ&Nw`uq2=qO`+)Pqg+G_bmXt@V2?
zN`k^&PpREhX$lkPrZMT6!~?Y^l5n(U)gZAMAWM8>RYw!{lu7zchvq@@>|SP(Zs}Fz
zblg4X9@d6<@lrZ@${VB?VC`oQdSI}Fw3!r9zrjT5)}x0W3Wz$9#JKu&^|Zvj0a<#=
zU()aeK)1w2u{|-&2sV;8xgMH9wA9866_vKe2JxaU)>HR(QD>mQt>6373#GGo)1Jo$Y3b2DvhYP6`A$V;z<-AHG%UJ|h1D?8Z>&HmUZgip7kX
zs{~5^o17v!hWNov&$doAmsq>^)36gEMGarx(60(*n@Ccqu4jUCN`{AqhRRHbMENzH
z*vX4ucldrV{2)IbRO7{-!WLEy;EI*IzwJZD=Y$%KhML~CgX-4JvuadAnQS8KaY5m0{e*TE2{5#$a@CD5
z6xmLwxzy3eYBq_gP{a?K#MYYjQElUKV#t`*m>N$v`vFmAFTnEwbHY>v)kM#2NLK;+
zQ`MzjaTQ7=M!f;arWvY$BM^Pa=ozR+SefXnFdQ;3U~M>2h1L!ok@F9`cs=4_W4JVf&pK-yyT+j_g>>5U>d8J%d~DteC>FaPzR
zEcA+niT=4PJ+m!IeI!wxA$NHH-b`|%22pLLs#865G@UW+Wqy-KKCbZ+1uHH(Zm>sC
zwr!L2f(^5|60@sDdBSjs)a5xcU^dR2camz(>jBjyz)+j~WvE%rjp|IYVpB=wkw?l%
z6!&QPU;1uD)sZ8}TUMg|z@yZ_PBwsvA4f@3gZP^RTVaEO=1#{R+@KnlE8a9o
z=EKc1L`xEoFUt?AT4wex;M?7I)d6=j;KhkX!UEy&1ewwq1}Zqg(u&tqU9($uXYYv7
z3(Kh(L2o_22%2-r7ROlcJE{3gTlhnOau9^`kF90f9LXUoWV1pIlx{+ebgaHbA_(d<
zm_8?Dm=uZTC3AIhadQf1%ssd1ez^nT02UOH@}5%<;C~JQ`w3-fx0R)qAB&h|ld|1p
zQ_s9P>m(25a>6mFF|)`QmRCJH#p&0HZbU4gQAO7u$k?#}oF*>Gf!Fp3!7Fq1=-hz%
z*o=8Bgml@l(n_*{-ccU@{7?Cc`?36v02q#N-EC)g6iiWS6R1jyNu`t`p-tZe8*D~Y
zz91}n0+`12^`G0Di7K-jZ?$lM744so^2Zv|fx69}8DCb%q`r=PW0eSI^V292`Bjf!
z7ZvZ49erbimm40CwhJf&=~W0NX;f@SVVpO5=g;ygFC5gw%8|a>5@jSNEkNY+qE2#l
zFqxJA74=qL$d&vYIvUHEGA5WP?yBekUq0@ry&O<5;>117X&*24?w1)Rn~hVV?lix-
zcdXIf?=_tB*BTZdgCNkP1IwPGFdyro3zZM4ks*HX8Y&C7SOl1Gmf!ldU!4dBQxt~{
zr{gA#jpCfNCF&Sfj`>HE6iXG~Fe-u5TKdIG)^0U`(}(f?ar$qyr^*YM|6I}gUx|!r
z-hc}ftzUXmBLGJa8EXPu;w{gJEW)2HCq9-M*wS@08t4xkHydIHh+)zeK1jpVzoR~P
zJn=CrdA4i;gP`Xg=H=m8WwaBxOH;0yJgkbuR=MD%WKoBG`tpnZiW=y1p71~{Xy
z)v*74;(x!M|6UaTZ)^pi#o}L^%SsCc!qyXu$bDA9*~!=uQC_ZSMW2tqt?c-zui+L!|1$}eBqX9_rF)7ynw_hwZw^Z=fK!8k85bT*30crg`k6XQ
zGyTKP3k|WkBh1Ts=qyfQ3lm5SYl~E+HEY9k^c!-IBy@FkSK7KMQMDF46V5PA%n>7{
z7opzMJPidMRrS^E985XM^vZilpZ#;3I2WY{BTxAti$I40EA=>GXmtm}y0hr}?r)WG
z!SZfp${LOpT4nWqg3p4R2_Xw}3-4Z?c+~5nCPyMpU=>pQ>#N<>_v4amjax2-hlN_z>;+@2#jK2sV3h
zrIPfL)|{vE4F^YVZ_vkNKq_@atyq!@Lf+@4=|hqzA|BXjv9^inAL#HrtcO_KR#8Lc
zGD|C`%C9}|#nrT8O`wl3@{do|h6~i23pU)j*4o7%emZ;RD&8O^am>7_$-wocD7S+0
zM13)rpOe&=QO(q|Zp1o%QR&6N(PlK1%#c0SZUqYq5_t{cYuwkr7O2^1Cj&P<53t>G
z28pc6GgY7KtxbJO$PVq}Bn7Qr4~$*f`<$H}WpPgo#I=cR$8ZX8DFNODxnpO>$ZQYxhG{GN#@RnZ%C|KY<)3VA8##>k0PDP=*0Ypgci}
zY}9aGy$MpEYGibX?-WkOIod2ZiGw^{5%S}Q%%Pe^6+fXWZ=DL=T-wO1b%9nzPsgrU
zgGv9minbZ-tiym|el)WiFQ{15v-kHFLlrGJik^*T4VpelOeJn?bG-S|Z
z(&Fu*>g6L-whEuAVm2GYXJdgnQPh-=_2u@*B#HQna5Ydl`x0@+;)L}$Frq|mx;JmA
z3k8SOJ>z6pF|{c?Z^C@eE=_O0$*V*+Ni$0-<ByHM`O@#VKgMnUHn#pRL#~&RGr~LFMWwJIylq|5#=d1QJ|te|OX-I2w{
zMb#A08HXP^TeGGjPo{3%E78DEt|YLkx;o8AqY}Cx;)Aa7Xux@a?qnLJ9;LzTipxap
z29xBjGGah3-Jjz*gFjYSIQH#Z?O%yefyBA0afYxXAf>
zRx^5|vFJq&KFQ13Hsi~o9ftB$x+7Z#W|qF$nd!PW&vxyJZ3}-?;>*!7Hzn(=XvceS
z!wplZ7mys&S>qdoPLNHSKBFlYSP%@9_
zQi+Y*_9q*IqVOxLtYlt3Mjh8ka<0ZbK4SwKr2)X0ZPTVUC63gmi-(++gMxznpe)JW
zU0V1yrqAC+w?5Fi+d&8SOq`D)_v08=7fQ%-Tpvc%1b~3>yv(EN2?~DkLG&|q(sL;q
z?YCuao_5C44EcE_GEpwrJm*&I$SDh^oJY0V43PP(7Zc%9du;CmIspjxlmFBUf_&8#
ziWK>%>e%h=L;y~JKuBM0N3)Z~O}(SSKA&7iCWp;#&*;bgX~Fcl@3kR-d17YD(htZ<
zN`{~d5CH|wn3XPUqS`(~l?PylQYh?P;#M
zs+Ih8@}?|ia3SyRMVs2BE;JpBfbi37Pj9a>K!5sKP0&`mS<+T1bRIoLs!EZ(GrOwF
zkseh1KG+*va$lJ`Et!z3I$;h@^@0Q`jKI-+BQ!HLBW!AQ{6M7^J=cR|&dDxLjaY8e
z*haI!*E+HqQ-Bj0k@z`Ny2OqM;)t}Ec8)SnkB0J=ATCv($AZtao-w%iJ1;84q{yYO
zCw_;Am!FFB+c;xYiK%4HWO_VDfH`lQ|mZH<;~=~(C6WjjHPAvMEF~1mD`FE
zAP#&Neph30Efp1q*8x~~qR6Mzn-hF}$rs{AcPa69NKwSsXy`+>R(pFyxk-KZnW674
zMP8dg>YYz)f-3{8&73rFG2K))dk`~vpWdQ;dMJ2Npi=q*{URw}ELbe3Lr&Ph*~rQ<
z5$n-C4h>&L+UmJ9(TkTUlCo%gFOnnJLF^2+(heY*64LLK6)n)pp@qJ{PUrW`hW)FL
zdaxvA*_E?MdRp5@$yAk{hV95r
zAFCl?Bp%BAvH9R6CU2RYP(J`8;ot~7!dIMSD9L0llNPrO#qgk3<$6v(0v_gRm?F}@F
zm1H`kf+QxIC)N#XD=lx7SO$7)BfSMWyY|MyM)PpF(DyHKXsruuIkbXs*ZWj38%!9=
z!|f-KlLPZ$cxWr8rM=`z#B?qD*RA-HyYdBoe&g4Jri)YXTnx*4mV+CEumBAnj@RtD
zo{)M|a+D*&7nJdMkv92+GGl800D+5MXdB9stDy&O$i^u(88uoU(fvK&21aL
z4(v!#V8j+Y%~M(e2rH*7LkbB~^bUck60fmW1nKgFW#Ol&Z(ZjB3W>?`N&Jg#DG<)E
zN?fzbt0YmS|3TVY$He)CZ=Y?Ug;Jz=@!}4}-QC@-xZ4b_g+hzF4GiuM#l5%>?pE9#
z28W&YyTA9{O?Hz__U|W|%yV+ib8fk=&#hJXDj%EfXA!!CAl}RqTv%~?@9AF2kei&1
zh`;#{JY8+e}2^$Q`scMNkP>U5pfHbO!q?KBZ(>~m;n
zuSPDcj!9bBOk&Cb(x>-`3hDK;{_CJ;FsjA-5m`GieCJI)f3sA
zDY|JNPI$4T4)A~3n<;;4hJ&7>oQ2x&=%~{f+b-)Z31AKn^T^#4&bj;x-*N_YK5&rJ
z(loiKhl75)HHLzdKE~;EORchJf2bK=_;dT!-+b}?E~a$H4|{`T4vf3cJimJf_p7F2
z$stlvgwD>+Pdv@9LsMOi*oJj}AGE$UsysV&j>8)SJ
zAVvb7ZK5YpObn`~BGQRb>e649(t&rFx)H#eu~MQ>niuo6ai6q0-lWb$`PKhcaBrlo
zRjRfa)E~G0Bp`8?xaO)%>ZD6>JD*un7m`CDMaYUjeKAeKQ?Y!TELWD{CT;OS+Ly20
z0vpX`j4gf0YQlMsw^N;$xJ_!}WKd8B%8z$SuJ`H-RjUY8Dvmg;Ct>9G-p)WdgVHR;z9t^R9>iIpTQM*a{+hZ9A9t{Jc$Kv+)ufcnmSz}|BMYTWO4%flUL*ne_%mbL;&+G8^
z`e|3o&Q~3xJuxgr4JqT=U!*lw!AlXruf8mwJcy9HZF)HE$^(NE-=+T=nY*rCTSA|v
zh1r|1KBBel=;%#Q*9<1B(3FN%J&Bv61q$m3if?Y>`e>*+G4KM?F-92PY)Nn_)3H$k(j8^x+qi
z8%NO`iIeB+Fzmv`1{i+HRAH6d{=S|8M~+4OJt|e*HIT)q(|odMCIpX%+Qi06Y^v9#
z`0MmRp1^cgu3<)@59A#tV$k^bxbPUcB5~}#xq+z5C=L7-gQ%i}l$si58=X+XboBLQ
zJgR$=Y7ItB_)^Ov?;$HW888I9W)M%yBcrFNV%#++5m1_oT9`OVv>h>al45wA8%PO7
zRAe@9z`-sM_l!?LQYbWlH2Uu}&HQO7_`T)z?@{5^^R4b@gmz
zbYb8~3I17i>0Ubvcc48H3kwz98}Bk6PHyFN*BvJh2UA;2O+6Q{)30MGzkf3h%jd+{
zzAJ}&Rp1uUA`ePn3&(h}m({xvMLT|3_cby(;F??9lJB&qmwoZNK_8+KGkdU!qx0Cx
z+I2MYec42-TxtgHLXzt{8uzmaD%zgDGy4qRm(wP_{TCgD4uMok6J2&az0EaUOzqWe
zSSFc;v^r|(yuHzes%#pY7#O)(YKl_&G$S>nT5b!l+^^mr@otAK*hxwi%gPqUq`gzO
zdVgpqXqX(EjE}1~Jf__1
z4}*DhFQQ+WX!_e5>ZagkgGULEGmQ1pGwt^?tNVGGbBl*7vR7Qz9@?o`l4F3Nl%&G}B1r)dyL|B5~@sw)}?!BSVx0{pQNy
z7stIMrOcxvNJ=HdEc+-If)C%Kb+#h7_<<(*d9*V#Y!yYIKF+M%qQ+6$!l#Qvgu;;Y
zTFWT4`V^X8I#Nq*^J+z4{`%xVUf!9S1l$GedI?JeUwpD$J4y`@u@&+~i8jP?sxQK0
z-0=ATXZxMNp+p`nWRwiol@E0R9q2VwqnI(2Gt5KhvfLSv8o?$N_<_2fqojvS(%P@5
zTH3^W>d)tzrq9!~Uvj^Xfd~t}T_@Nug((aSIhsjN1hAK^=Sc+8!Yz
zDJ7-g?r6QdcF%Y`tU-tYM_y0KZu;NuiSNfO3zC)tVvPJRdZi3KPp3%yoNLxMcA%Rl
zb$aar7)fl$$-8m?H5nCnY6Mgc2F~OmRIw%2wMp-`XbSxVB9Xrb`=tSY+IRf6{ebad
zFy9=Gzpbo+b%%kJiM*i^y}Z8;Y|Lpfeube1OS@1Q9%M0-qo8AzAi_vigJEb^
z<-^`1DnQaSAh%*fY*dnfB)~KWH)l)HFBAhb#$G%Tk)A%k>;dE20%cn8dIDo`65IZl
zhQf-XB!@OILD;2QJmw_QzG!5-ZH|g;xrUpT)E!lRa*WO1RsH?!ud<@54aovwn^=HX
zX^j$CmchE>c=O`UhsPc9`0bL4p$Tz*D|}6p3_Gi)oEX?r+Yji8nZ7EYpNAPm@}5Z;
zK!tNAg#cT2d&aur?ES>_W5SAWI%23$Xe2#jxqUZuo^QT8=~F~m)KSRveC?L17j=1E
zJ_X%v4@f#;aM(}ycMw>IAuJ<`;Rfxr9j0vdySO|{9dfhrtY2#>v?gm>(XA`Hhy0m4
zS;S0S=66VUhYPq$)^om?G4gYD%T~lQZb|sB_eySQQR7io$g@QKlXQZN&$^Uir+0@7
zXXsE6^S2Dn`KbATEVz
zZBlcs$b4kY5OEFV-q<-fIoZiH5b8=YJ@&+BA%Bo(AL?5UuOHld|5K@73R5wiH`wh2
zGf92kQYDvp#(KNgyql4R5j6eTQHIBN5{@w^7oji_?O^)eFs__aKibRdZfj}_i7_s2
ze@Qc%TXV&F?e`ZXj&-vj#`t%GG?jvP;=JXS$opFu5|9(y(W@v1qWT+Ju<)V`109*k
z+n$e8AuKHC#a0v0;?A6}oH+TnxtMNOR>Gnl+T6vh*;*7*)Re>2NG$+$ADEG0hHsV^
zq0%L)hjt>n^Vw4Q*b{uEXswdvCH50I@3v#pU~Z}ct1ijKsnn}vd=%N2naS1e)xIx{
zpA17v+uO6SpVSF*m6&*4SdB%k2oB3fU9wEqsPfi}HxQWUQ=v4+#%`ljnQi-=Gj4>p
zIDw^HUQ6X|T09XD*qV#Mrqr91ZGfVgoR6T>AWA}+eD$lkN!?YHG9F{o^)cugPV4l`
zX`tT`icT)H=Y(1jUbQ&%^|>}xKhx6d*X$)@?{6CTF<>??9LX7J(?uhKKF&+AC4j
zylWL^f3tSQuX|Vge)9A328C5yZ`-_3?C5b7JCf|&tj$G0
z)NHOQ*nNT%&v#^98SwL4uU1xi)*}J3q@Jepb~+0IRk|!w1BpTT8zcNqhiTAfxPIt__8(W{OyU8igsHA@b023a@y
zIdUjOF-A7Oo^f$Di!~=MM>N+<7~5g#`zDX5x3CsEFZ$jZkV4Y<39(e5jo3RA{*8UO
zW)83TOT9)*-4M&TR|2CRCk}S}M3%+^TW|$WovbC_@Vj)`@`=4`ZP%P|$wHCsZq=-d
zVs^|^TUG)Tuf%IvQC#$9-P-wUQ;FhPMQwT1zsCS1_Pm`BKBPs=YbE>O3E;f@+X>%muYComrx=%8
zAi|zrF5630p`6utb~pcp5N+}cVJwH-oO5=o|CUl6MJ^_EUh56aiyH&bF@-}u8YTAU
zw|x8eHPn1^aU)<$#TW8&d~W8wA3mu-*sVKS|NBEClCc@z)^D
z4CVQ**#V{+(!b(Y+_!%>*Z-Ri@&9l0cyeMRj?f@X{|^3?HtwtFaEj
zX9a16wxZ0W-Mjs@)7A6+F(K}zrl*Sqv^Af*)#x71>=SqYnicu~>4@E$!nVt2nC|Vz
zW2i_JGWX+P+6hzU)8*wr7bh63V^-Td^2b2QE7959C!*rk)>>i&eF1@>Dl~LcRgm(M5T6`iqPAB
zhAY%p6=JfC^e+kD7yzl{#(wB0`hz6Sn%=v0Yi`Dgr%pziX{yw@6LGmMOLTHLUZf>M
z$?uIpz;i%5Y&5Am=VxB3rQUJkCToJ2)gCX~vF~q@)k6HX-g{sa%ldaV
zh_p#Ep#$FP%cov
z(9juQ$M=PA=94UZqS?|FeMY4NLba+)T^UwyP}Ar?(km3Lj%eenk4?#OzK0n|Zz<21Is<%-3^M(Bp{S(sLld&K>t>W$
zSMztOwp3gqnK@TBb&IK#ApHX2eu@1F5$foC)#7qKknvc^;F}zKmGc=J6kSI?@Wi+F
z=#RR!-FQF_J^L*CaS?kS5c9Z9LiE<7(-hj&_Q-U6Chm^kWj0+Dyth$hnILb!`)O2`
zacI}`{i+Pl!(-%V3##W++@xd6?SwzfOk+5%RVw)Kywc%#^?7<@dt`nEOmsG3e;UMz
z$c?lF!NK}_fWEhf;)pAEs?O$+&tfdP(vtdsxNjFmV`pf*mBZvnj_tD?|g3{9hD9KoRI{xtq(iS7zq12
z5nQ^?wx&nf3S5=V`+aGG+zL#@wUrrowj1_b&$~$k4Mbt~Ht2d<`0O~EIS&=P#BJ93
zPcfPh;Bxr7=oT_a$2~)7z*-Adj+vXvw!H9WS>SM5qzfIi6y1pH65z)e-s8`(G0PL|
zADbDS>78LF=U^p6+LvCaDx=?ZarV{1C3*6-!M=#%&vdex`mE_{g_qs)o1EgSl!zLEWLQ#QT1xs`=XX2=WH=JU
z9oI`aq=Gx6^=*t4|5AD5ZDilz^Ml-U{WZUvwi|Ht_O|(s&U+x$ZPTN^3FtPiS{j6s
zZ^&op3s`CS3GtxL#yTH#7V7Xj#7uMde5>kZ$Hf=%98o)8BjnY$==NRuV%7WW9OjLk
z*Gr4IB(9dJ5-0i5@<5y3=~Ly)eWt&@`;?%GbM$n(A5{-Fb#$xe8urWeSZRg-LYw3_
z-*nOhu|WKrroRP$Ct(Dz$c;8l^Rnc_F&R+
zZGx8hNEv4YL!b3QTtUHjacQv!u8!5A!T1qYdY_a85trK
z*;!$BKmBRG0gX~KGU&(Lnwpw$%{XCcn$PtS16wei_mIlmpZTLeo4&KN5a9_UbfS2%
zvLc(D2Cf+{wMjL6c+|Ln_mmuyLabltno?$0xELlQxv;iyEU;7#_t^2v)8q7&yR)WR
z?(qjKH>AtU?O`JYc!prWB%8bOD*-mjk-<0hu2)xD1=~2PaR*09W94#WIOrercx3l~
zU)e91K$OMSuNHrAm65YiFj2R8IT>%ss}g{=FIQmGyrJP8l~v#VR9^@$xbR$l#`2X!qzh}dN;
zWhlbMv7Bn@?)FA)*P~BCWrkO3D@ZNXb-C%RO(FKWVkq|>mqc^R_adS=k-Ou&Cit3(
zo>!Ir2Cl;fFPD30tHH>J0R`VLdKjF2AG-S;+o6js76~;g6`prbvmCQMk*h|n596CR
zj*l!6)+!K{%6E~$GS|;04~J`n&WxbOg<Tf`jj1Z6!L{i<^sRNJZ5kD0s}O
ztegUOr=U0Zp(%qBb>P+pXEOcMT1uH>x}jrLk=G&3LN$x0y?$9u(+>kZup}aiOgXU@
z!TrFwPH&z?QUn*P{CmaWuuHjOhQjK`ZUL0R?Bd8Smg2#zk7wQl1%z5z;((-s13ay1
zc~b%gUXV>0Z`ZZ1}(l;m$fHuFq!kx=p(f2i_*A5#bw)^m(N}8L8tz>$0^esZhLjCsdu^`EZa(}7>
zIM0QXN*OH&E`FGc2UT=%l6KwjJuz$LCS&Y#ROj8h^
zAtbqcs(EQVX)+oJ6w%AatCLk!yQQBKsvTY-w;X6b5M?RtW%asv-mNse99rMh5!hHb
zt>WbIzGr@E@OuI_=)Vm77;7uMs&^CaW8>(CzShGJ3wa^4vn6&`LRNy(W2S
zeXfhihMupf$L_82-wz;{!!orMF
zrI_`*h1+WMY5Q;n=AkOCE3Pu3J(FR)x>{mhPCidCZ=hC)w+-Dd(>J1IFq2WMfR72V
zGzMJ!&v*p1y^sBtW0MTU{0?ht3vA-z;3$6n2%G#)PP>x(re%k3XMrlg!cajs=7qL$
zDj++y9;dVD@!rkrl)H_Whlw{`+h9%JGzt(bx*p+efz(X&A%w1^umqeUUbZfW^(bp%
z=&A4!BTAm)x%AB2zj*uf4t_pG3^LxE=?eWrl}TJp_<%Y-QS(6*d;%oy{IP
zc)VznI#+lXRdda456tSlxV8ZC^$x}zkyi3`-u~pY_rDKDdH5B}GZJTt*&sk|akEx=
zH&@t?#J9^ErC|OHTw){fJ@2a1D)W7@bK`L@wq-#M4O5Cze+R>;U!mCG@kWcQ%^>
z4HZlGz0opoR1YhQsP$s;)}O7{aP=~u#smmD7B83ADs_DgdDyPEc6r;*=1R2$+*_NB
z_qbg91S`Q4eRo3+B^};A68%L36gxMZSnuFfQ)IzlJj(QKbyZPGMm*S;>>uMuOvH-xUwKc2KZ@*g-x#lnYs<~)9xkmZ3dMW$8q3Y|-%~{9r
zJ_#FjiOuaG@v&1ksha#D(3U(6e(~6QFVm^>FT2Ttmjakt%(iENmT-|$cBw|7pb
zJhgvzz5P!Xn*uKWVN1|z*tlP^q6jKq0bY;);gEc}-40hOdu$J(ot1Cf*IU^Rol$DT
zQDx~hAdLNDOBUtWxKpx%4k`yXMVYFB9%dbRWJ2$6n>pOu?gwR9N1qoc-r!M>9-kyO
z*z;V?1Y|<|03v`sdhV-DXyK{vN&h#8?$7Bu*tzzdA
z#9-+7aA_1~A}yuBf(&{_
z9ARPAgb^eOdz0Sv@|OLDJ#%lByw;9HE5zG36`G_F*Nb;Pn|!
zviNGmCVa0zf^ellT4p0~ZY;m84H!LNTRieaV1#6M$TWYmpGwVn3O#cjK=@JnQ;z?3
z%Qd>~AcH9W4+-?{ZcDzhc04B?3Zsb4q6uD=607JOsj16bnv7*;GL}{e`A7(A;x>67
zFS>fWz2jWcRLDubY<|q}J~_E&K8>axgD$TJ%GKU4N)gGiCxeYC!%~~Xb(3Ot8XkV=
z849E%%r*&co)!wtigQuGm{b)8t<1Hz*O~p$?KWrl^?La
zd8KakY`IHTQR@=z-Uytu&&1b`q})e`QMH1_blX9!HA5UA$8Mp|<7DIGhb^}vqRCD532!G3U
zNZ+Nh!t`z6hi<+EgHt6r!D`6|`#gN=-zpnJ6(#(S0V_%sMqt~Q;#AJaT(GSqULZ$c=)caHh8FlRWuq?hq^EqUqr>EXujrR`@j
zTAf&h^X)kwCMMk_K)dp584GmDmCtbT((u*nJF}+?$)etfu0WEEW@tsUevK81d2G$#
z!olvEuY2Y7trTjL@9oISSldOIT;S%H;Qc)*f|fu-Bj=YwtFb5O1C8on-0yT-&We}E
z&0E8z5*cLK*YRf;eGhXED+C}uy^iaDSwc${hRoKo=vaTH@4Z+i8>K1KwS$@s4RJhD
zjyF)SY5m}VWbN+05TOjzhd63~lmaXYY@{OFs-b48qHfOx&y4HJJqr5n26IF|>knaB
z**8eK9M(iKdO(XC)`T+Drd0XTz~z2sPjZvh
zfk?Via=^nTC5_hg6KG!&1ca-=%Mw0eC_xraJ6*DK-+Z4DfF31TI^ncfdhnprHE2vI
zy}73_gT?xmC{Q#zPESgL^}#66G()1~y|w0lD&QPOt-K%Y0Rf$Z@;EqilL&oSIB-;M
z05?lDY>>RNiiz1nvH{HDA5q&
zD4&0Yd|7ZTOZQd1z^jqSRVd6LgxE0Py+rx^@VlK+R%Y0&Uzl)589;?!f(rCM7}Hwu
z-!+Z)cj~#(SJUwin2P0c@O>;+Xd#!>md#aBOLx9K)`~U$m=b7hN@N+s=4L83*<{h!
z(6Q*hXJ;pZ-t$B#_OJYG(Y}5BFS=_uZRq@gDe)pvs#h@7q_kiia{D^3r5kFntJMQ
z3mXL5eGgZ^Pdy%PY#lvPhB-69a?`Y2@gG3S$)X_p(3VR7TVE}%{-0SLaI=O|5d}rQ
zrw+dN_Z%(m5^fo39%__v?)i;=k5IkJMPQ5X12kP}<$PLC=;@Pqxw(@imWdTRNp6ET;Z|-u-Phwe5*;_a_Z@4n`{I<pBcqu8^yHAtzV*`n=%hlh=h
zv20H)jaZ*c3BV~8+AhD#o3z*J3!zsTKY8`aAJWX#v@Yg;Mu0-x&o*Zw|zt*eFd*Eo<%Suv=rR
zbr#(EU8$ng`EWJmM-q>h_NKa|kT&t-%!4h-^H@tLil`maGwH^;>8X&*$}C#~OVfx8
zI-o#{RrXQH_oaQwvH4V+SBi5}{E2MD@`+oRMGk>5d(+s5NJFIWksX{T7$W^4%y+x`)jR
z=8OB2t5GJI+q#7k3^V)s-{Gu^=6G?Qd18|n;+*lW60~GqX@?r#@J1o~E9Fa_JbN4;
z^f#n4DeG9IiHy*gd;zxW`5#9zLsnFX3R!U?^8~}rj-&inpFEvfJirE-$JGysg_%13
zWwEqVq@Y$O9u`~CfoNF`sQiM$?O`~{&jA}~1HUL9^`roX|!{gD3W
zre1R&-Z4yCxbjkoaI>SbPgdLgA(^d~UeQ$Zw)DmO8r#-C!p=r7q8jk3s_|d>?JdE_
z-?`?LK2A5V(QTL6Zkt}wdW^>1LRvl>Yn1piHHTeLzvhz(>`XJ4P(lKZaUw-kx5wT&
zuJ*?BelXAxHw6;JX8%A-8_daKWzXx8C~{X+iu~YkJrmvPR4>Q}{T(|uD^z!~gjtRO
zLTza>i~#H0U#{pIf$u8{i=~^3gAq>J+`3s1c*H!v?mUKs-Q0)w4-ffxM>wq7B>e1s@@0K|Hy-iqIUg>N8SGJ5}3%6)(
z61a_Qd1<=V6ZLHCIhTq1A#r`}+qPHEo`uR;55B>
zO2J(L)LZAb4cZj^U>cS7O*@4UX!30?qFe6uMt=!28v&ah!omkOqqSc;D@Sp1F4>Hh
zvlzkSRB{yYmqqQcXOBc1~xL=T=B5t?=b=!8wZDVDE
zE1mJ_Evv9m@vhW@x-Vy!j>Linto^2^wDPdrLn3=i`8(&T+vyL1G*0`)nsvc`*g;$Z
zNO~MIYppb**aoH9Mlip6Wci<}1kOxI)%q1|g}ja*3LoXPheDU~>x8DXNbG%|+f8Q(
zmqyIQ)F%hIG|P3*Exx*Ur>rjOny~H%{i4b|LK#LR?rF>VdJD1NzVH=cWvlon7#K>DRK*Gfvt~dM%CqzW
zD
zj=p+kO~xY|LdNrMnEh(~i7gcE)gPF-{jWI{b|*x_r0=Wl^mEIuGxyAjN{C7J6n~};
z4SCaPr;6>%$t6d%#Q=ZOw90g^M`bX&ZOCB>_S3vr!|LS*v!XSTX0_PO7n}uhZgS88
z_xtudN*=#8wPaS^sjvlZraiPLhixIp`$|4ef6P=tpA$vchPPmxNRM`yKb)$F8-ZHj
z_P*-qa$UNfGPKCoa?2ySzkA!?2``5HYp#Lonob9>FZat-;Ej8@u)8T>+h=A_uF&c^+JuSf@4$n_9Q;r@&oo?$VTjVJ~yv5+Q;h}Q7RKC#PYI?JdJ`>P=
zIat#2dGlXv!YeyBfAL)(>C
zbP9tNBAqV5_PQ;1b;<4L6kOM5SK+KYd@v&Zzl@7?djz$mnxCF9Eoo8mD{-}}otF~9
zcS%Uz{YRhUVt&O8)XJ~bJ!%ZXt8%1N@_AL5iqbY<+s5A%7ps~kqGnEZfKqYu;|s@b
zzvah^i`CGKd(COn@=?!NY9(r|Ds`y-UN4=d#KnHRAyiB$E=FUOZ?}d!$dLNbR^Ys=
zxjfTvM=K)Do8(SMDk*Kw`QfCsz#L$KQ!Ad+IaIZ2TWQcxnH9rwSCMu1n&3k*zN73l
z68E;T(6c%}e-w{YQUhzgG{g>A@F1_5l$O@Aq%xPAEuqj2wia`xz9Gbl4<5buTGwg|
zWSdPOIdP?H25)n>zUnMhf(#DIRFX6>>rI5~kZ(^Ewj#zaRH2GnG0GxdfOV-7W_hgVKM?3F3zRGV&=A7RHWzU$qJWf%-Nss9!BsLGvzg*%*8bQ71)I{Ops&{dV
z3~}E48ljv2V@4L{Tf4XzI#|R5gVH7y=q3=`0#rj(jj@s%aty2)bn8+T=&9mA0PGJ#
z#Z?cB+-O^qVHAzOTsKCh+P#%b-?m-KF^md%%hvhVq2WP>v^EO&cgY57{RpqZ(Hs*D
zKY5-Fkcyf=gqR(WyXMw5rCae7)TyG7dETPo;Q{7p&l-eD<~zX1C5?R?NiB
z^uI17A;WJ%HDIfXmRxEUTWh(5@M)E4pZ|uC_$i*K9Zq<8zk!G58B``s#KS?`pgkyD
z<-Y(c2bHLjGc}`xuu@992G_FRXoo}N>*KGz#|>-M)U^b63povof&UEmHN6s*406EL
zn(KDPXyQ^qrQ~0fa4-c$Wk$!t`6w{T;}yCzN!5a>=(~1HQ2)uF&Ej#&Ii=Kdg#>rmUf{Sf}xwD
znN9(F+&`7XaN4PV4cC|I#Nm2T-tDyHG$po63DbQ9EeFAkbdB*|;#2$VT@v5z3g30{
z`<#ydwcwnp4vw}0bzxl}t#^Z9Bs|-ZUhzgX8wQ{29&3X5_-Dz9(0M-{lAgpInD?0
zK(#3%f~|fXYRcj)YI(n2oROpu8ucp%C`19!sS3yd83c!H@!$;z32W}@XB$KW)!cWHO6zz#YaTrM%u}%~zW{GT+?pc)qW`)^~
z-{@6Bb)H=FU7t**9^-G(`%JLI75hi)$h-A1;%7k|CvHOPb?2cU-BD)Prd3iw@vV@M9_Xn}BEc1Ty
z3kM~}!u+cf^Q*&O6^On7RA{(iNX5cv-fgpole_6%7njIfaPi_45Drbivuuj9nAHJY
zj6C)W>y6N_a}RxxeMA*G6&O4y314T~V0RZRe3UBaViE8!0D`UXnbhm}njrGmc>x)Z
zd+bQX0okHm##MViY$n-gD1#|c_S9OyG9X5UJNP%GU}0_`D@|!tQYZet)c_()^qj&Y`>X`%KD!HpG-}TV9G$Tm%4z;BCr1^d{E{!@`!yw91_x`>HGg&tsAL}
z{ad=;oJR<$1Bv#|DU!0`LU=L4R8$fY66peX7->nuW#!~lec}=yAsJUFa*@mgNqUih
zzz;$dn&kL<%yQwV;mBy@AK&C+s)d&Z$(Dzz$Rb9gMahl~Dv(KXa^&y
zgMMN_2(QEPlzBbq!aIvLs|nat$#VnY-Un5E77bx0jb7y`P{mV0r>Pdo3<-%Q7cZn1
ze@k7^FUc{KIE!~%TlRw!uubJ*PFopAvklwL2@hRuraup>yr=^;#aP|QR}H$_g@k7qY8JSNO^B{FP5rv
z$Ew-%UOx?}xOe(qvN@LxgzOcmN{20*KPo{QiGBojrX>vXCX*B0)xqfu6`l?};b;I}R|b6h
zys1b{Wegv%fLNDpux$EZAS2anaIy>N$njGRptGOD`Tx<_SbL=!m^n6acJ`)uJd5*s
zSNsl!OH55)BCY#0jbq2clrb-87FSH+TFk^0N+DVJ+hpQ>qS!PdS7yY)^Xs>CqQ)bn
zb2UBLq}dR%y`z%ROX-u3#a9;L0V|3XBax$rnzqfCm}<1a3f;-jnDH`vhH(B(*WUu>
z%GoE8jqE&_vv;t0SE18Ge$@*(_zn&{ZN~w84$b#4R{b)r?iYv~;YX*bNVL_5KhFc2
zRBGA1JDxh~|F=b6p6Ih-rKF68XbgJ+qPNvuY9pg-s06XITAH#-3t{8CH_x)+`o&nD
zSkqhq3UXd9e?r;L^WqHCU&EBv)*iKD!waA?RmtccD^59$oJF%*?S(mNF1@4h=exS^
zVkN+Z->6$L^Z`i=iX+m3X|m?~(^e#X0kd7TLEmaIqGZCaUg?cUBMntx@V08tt^(X%
z_iv-2PE({Wy8qFl-X({?#)kO0^6sBz$Rro@$##=ZsSOc$c#Yg66D3rIOxF%kWiOZ*
zML~}w4iEYJ@vm~J65D=~WkK=I0fXL^BCOy@O;&X>q-&6`CY)nE8>neGnL4~Ha
zb~?vQ-bf$I_XVr*qG|ldXN(79r0`{5UthF*l%g4%;XlX#s)|sj1U8^!rwh-f1}x$^
z{~7aU@$;nQcMS1le#MG7w`%IRXr3mk;Z)8TQxf{Ud`R^<=&+P9xZgL_&2r{{U&Eh>ASwCAYsNZ3t
zZxd^?3+s6fn6Hr*5$JeN>n~^ptya^SeD13{-$Xu6d>g&EP1acVB>?
zW3*ZO3A}OP|ChoVi;zQ_{G_5-?gMHBB{<6V06%e`NQkI{@vrBsh=}trvZMkwW1`H5
zf?l^RY$h=&HJyMUS%xYJcIUM1t8U4U?9-0%deVh6?G}w|jrZZKp@b~&Fx`5(bcxT^(;W^b5kPyG3|vS%=mA1
zlcY=@E!Zef7FrsYc31v>)o|^YPdbs7%BazH+UB;rn56aWe7Ep>m{(&T&$c{ytb6|B
zRgXYNkn)h!5uY~0|K2Mpi)NI^rSbbk*W8qI8
zIPAWfMbpyw5zhoD)Yeo|OGDM+kwVWl8P2Q=`QLUYiT{h;>9%cKo)-O!?Lg;hyK{bi
zoxO|r=~py8A6Rh$qfT?dfM`1{#Za^)dur)GZ}?YES6Et#Xz^QSOPn@&j@1}^VjKV`
zSwkz)aA^6&c>^+H%I{}<%|la#s9-*8_0etvqPNBm4L*lSDL84~vzN(YkTr?qDn`kl
zH#dhf0OIo=W)h#fZDvEiCQlw7o;#gFKaYo>@r6Kww`%X;w+i|SZl5nYAtY};v^-#q
z?;^iS`tS7Cz32{noiewuD0)_W?WENTH5l{_A5Z$
zNnFL#^KE%G#iP2%;8~S)A-;nRLx>Qz9!J>$oq{}L*XqYC<>95vHgcNC?%93&U48Yc
z?ef9Z4C0EAtk0)KJ)xUXZi(3261X$(8E3VmN87A6O`=LM=|BmeDmSUC;98o!etP1%
z(6g`1K*_SM_QEUtXC)2^(2;WC6paZoxt-~fY$|2+drjtvy)qQYRI1nEtdwlzUL5g1
zI-wql|B|*8Q^OCIjJ1o{dYeX}zk7Ne`y(LS9p{wHJNYv1eWA7-gtj#6mtzvz|5n8H^oCY>ea<4V%M)+t!q0wP3{F|ak+M-RD
zNzH0nH-0dp9US~78-KgkiWNVSH!-4ny=uWORJ>$%iK`RFMeZ@FKE8g17$9CeWlXJH
zIVX2(WoidRO&i{QpRk8GpF1Y;?!R;j1_RS4^eVP#WuaW=oa|~xZ8ZCzv-Ils+uXm*
z70M`>Rjvy6aB9I=&=wpX)}c?+AXsYfI~WDo>9v
zERe4ImamOEGPciYlfS%PFjQcitq7#WE!M0gI;FGSGY{<@7eIWK^q-Qsb8Ezk{b2jC
zvm$A7IWK4r@lC)-bacE}eeJd3Wc|fMMW*+#8Bs*`!-_){Cnm7zt}v3;f%$tZ8uxi0
zp{Q^u$_{)Q*}(s@tT0?KEXjo}D7uSf{>f2n7^E*-7qjucV80
zh4ZfbJ+(jotuTY~Fi3?S->N{ov0tki^u}({wib1zYXW8I>ldayQw0QJh#&LLsS6Ai
z{+r}4$nAHHFrZ*7iai#F8`g*{wm8~1pQbBUBFH62M2B%?WORD)aiF3`E{?=jrA))*
z^)7X0RN^^GQ{j5LUJIMocoP#7H0C}c3Qt*thpT3P*kQr)a2P#4U0m*81XY(L)%VUl
z1_iOfkHz`v26iaCagv=3N)YRU26purHD7^rH15nR6qK)1!@n8g`r(Bs}j4syy_+rBo
zp=(oe9TfaCmyMfjgZwYYI=^0H*P@_LGN?Cy8`o9#+UpRzbfdaOcB;F(I-H8XBQJPR
zj9$SjysU;wh=cV1pzbY$;)=fQK?orUBoN#K!5spPYk&a3-7UCV;~pSD@Zb(1xVu||
zYd7u=jk`N@;rD;mY3BI0jqfnHU6q6KI*7SNWSN18aRw=q8B8}20
z77H6)qK~wqqJosx=p|AVk?>E+k7!NVVrhW%R|qnaAR%#rC?g#mS=Vh~cQ%y?PG)RC
zK!Di@H7nu59`>u8XF{{O@;^1THSvjfd-l`hY^0odjhVHTj$oFiMi--0<`28(kPx|n
zL1r2nhF%B_9Yu5ymPJdVMoe5;uD$`4mDdisvu
zzDJ4u{=Ho&$vv>C#uqdy9b$I^*_TI-qY4e_u^<(9zg-`j;G1|#B_HpAGUvrGb8fkz
zwOh_qT;yBLtp`r3}rT9!3&Fs=-pXSSpEf;c7;6eb6H?`zUTah{r@9(Ox3GhY0USOqJ-3*Dt8L{WZYlkAtf+4bZ0`;n2v$jQ
zzWXa=Y6=vwsQpNBNwk#>^2{a!<@{8ReD}iVqow}$(^MN}bIp}cd1NP7$7}f}X_57=
z0Xb9U>;%r%l3yixYK+IhrBwFRUG`DXgZ%z?g5F2JFrC50FLS8ls_6o0gy3U0;C)rP
ze?x(7;`CqJM5qH0AQJRo%Mtw-KR16Tl2M|O3rvf&qe&VC)raolM
zI=t0XRO67+-OmAtrcuTZm?Yj{C``#p41C>REOHP%ym~
zkp};Q&MXgVZsboGhKXfqOtP~vtsJ}7_at|e7%K>!9xq~D(9Q2a?OFNtTl|Wm@2Ce
ztrAA8Ihk@FqYFN~eu)J$Ha0cR!*Q-0f0efFV#RIPhwaze%_rz04ED8t31@>2D`Wyq
zbMjI07s0{eHC1&MyVSP7_!}b?AXWV9qrgM^MCg!egBk>y|MKn}Wnhqzj)5U8lB`qQ
z_#^k&w&Og6)j$<&C7jIIV*UB=-V4T+k%3T5^5Jx3
z@Br~R(eqggC`7!`nv+mbaMw2C^8NfXEDRZ1cz_?1B)t(Fe49m1PS!!bHWpgA%_`kC
zJmmT;V8MN9P=~cJ@Q2F7FU8i#+{o64jIhVtFZNrhT
zJ?@27!^vOQ|KZOBsKjl`asnDk&}3qTakjzOuZV+?)pfsGmNZFI4t1=E&}n6Yuu8{j
zhq+ftIqRsz7$O5^?A*NQB|jzPpf*-a5q;)Hc3f|-$dCbIY@+9r?iWy73Oro@?W(~2
z-)P!Cy$JXH|G75E({lYEAvD!s;07g0Td=37N+0YIV$y_N)Qm-aYSOegA<8$`50f;J
zv#l_TQ&f<1Qc#Fu^n$PWG0T=ej5lQB@q)KLWBq%t1;q7rbuF3Ia;qs>2^kB~#jNos9=2bO
zyDM|koi#85Oyq5Z&)Z#LeGt&J>GBGT|I4g)w+5=)YZth^kr*ynFk|Z%^<;vDjlCuW
zF!qN2{t(Nu#jEY(zhWMh+jwlq&Qkgh|MF}aU^vy-23`A+i_Hr~`6=|OP%F|cbsQ0w
z9l6~){x+{BOY|N)Cj3GifT91xkU-;kl-#0A@^QVH1K`V*$ps7EC7=JC4Ab=)$|79i
z`dagmwmL5*M7Jy<%$YOQ`#NC4Wzi0yb|xGsJ@F}epE{HknSZufLs{%yEh&%zrFqA9
zJ40|QRPv2m-EB?q@o*?>hSBTQ-d1lkgGiL1b?fE^{e%5^4JLboK^Oa__2P+>^jobz
zlTd9?8=|8;V$rDWWt!YlOS|)z*a{z=^Gj<%Y6|wg^_{mZi}Di2{IFPr_c~r(j|;cv
zMph-m5C4ds;wRD+%g)${H(nJR?sF^qzu&HI6g?g?PNmk`%q6kVFiN-kqFgRrO!;U#
zmGF-gs!ZuRTwa9h^{|7Dk+b@YWZuC2J$$~}Xkc;2a8ObnYPsy!Og)@KecbyfO&e1+
z!ZcCZ*ta`wITtI|M5gL7aDuD@!~r?!be5o06ildVtJfxDoh@(l+`{O9N#vCLnzz>}
z31{i_M%pkS5;*u<@+WdBTVn{GKrsQEYcF2
z7j^qetBKgdrbBB{BWoU@3XFvw?_8Z2Epe|)PfHBlpKS2jXx|sOC96%iDq(njLGb;u16P|N
z!R@g<)ROn}!jVYT{H)B@y7k1jiP#Cc(cg8-Xo@2sqUgF_GKQTUC@_bfbiW{@%WUJm
zS1Y~<=8;{WiAlpfl{bx=GF5xretg($V^W4xvr0{jT-FKNcZif(FJ%n>HHn-Be`oph
z8G5-09`pT6w)%_x_($r#tJfn^G(UQZOvt_4WvCjT>l8V05?{mLWHh+%OGy9AR^=*u
z-C7|zyxp3>&2V$wZ=pYIK7|NAUPGCAHsumPC@CY@_d^bKHurn#tQA3=v?>6vM`TaR
z{_!7)>D29t&G2(*vs12bH;0*gQkdrTSJAGd_vy{&nF|N_MuF|=r&!nGq*{M&W?GVh>oQ6
zh5sB#0n@#?`616osigcUcly3e*JVWT3!$zBz{>ByJCOS9h@(OYu$Uf5{)Ar$H^j099Ugr$2PRamCG0;ElKBp?p)UtjE!
z{am!Gj`ztUGB{qfR^9?J{iU0RpdzK|Or6Um@3nW}+_*yb5D^!_dc&z>OpTWLq;UIJ
zU-plYZaMhu?s1@!E9HZ&qh@THos_1R#ctkX2k&1HL`6dOn2;fM8sh~n>5b0krCEK9
z_wA>G4k-$dPdCV?X?42x=T5wk3m~z2pWcVFn2D<3$aQ6c9V&RL;TY;xit5HOxW;In
zuGexs4`iD!xehEnoE&ZbIPFbx4^t63nyJ|+WN*?|)bbF$m~ddJ0$6zNuiZ+SAC?5w
ztWdtOh0Ewl!@&&-KAZ0qEy%@ds@$o_lzK;-d5@|4Q<5>5bO#;diTmLQcH{?&lUHAG
zvrVSMm-0)_=Z|+Bpk=pwf%&Nw^&KFBR{=s?2!9-{VIEKA#NrSv3G23k+<5*@?F$zQw7
zd*3H3VMPE!WoX#{j4-0KYpt~ER%UD!o5Dd&Zwpg}q5O4v4!8cYvB|C6gws@sG7!hJ
zy+J*Whx6GvUF2NGU#UaR5xKq?DMJP({k|^t`c8;uNna1^XpC4*!-As}WB=%lK1!Adsw>xIoVEwMah%94`CWEzL{@Z?-
zAcB~U^|T9#t-A%xmo?(0&y?+@&u$AfiO*deC?^?z9?>{a58eG@j9qQvq|v1$ma(oZ
zBLyD@oW$V@_i{dWXXh^a7X>l)Ca#OT8Q-XTe~%n#8D5qy9bcFpiq^~tCL+b+!8AIc
zd>1FPoQqsrQ3~{c8D8zD2g>!tbXClj#pU#z#^!Xx|ExIV@>2%_^*CilaaSHbSA$M2
z&6^7p1Py<6;Nk2fo_%Xd8q>k%HE|a~@WMsaM6*GgobI&in55OGwZatD`Re0@#P0Yc
zckw4-vrNe2P~K$m48IQK4E!L!d|^uB>U=8~g{b8IM@o#|utm52A*1O}Ws2LhVcqs1
zlWDWF;>qS?qeYsMtBU(cK}(ZOE9w9Z2N){cGb9PAxrG__X96YzP67w6bJGB*uI+4O3^
z(yE9!`g*tATEl7WK1W$2T~Jk)fo{2)7
z&x6e^=+cH8jb(k<+6Ke${r324-b0O+9s1RBdCn>sS;JAmgNMt7$l|$+=(x09;(Ct-
zOXy?lFk5kQP1Io>fHVGr5iMM@@XSYi;B`Kjzn+w9{bvue_L|2J8j>X=v7!-dG+t<{
z^YqI79ZNewlZZPG5XI8HhWjq@eAkS&1
zrO$22E+F#SG)?U3
zPy~*FxcCN2ZmL=_=Xr}+ugbam&2O^(>a*PYI*At!TD)Qv=)o}$6*p1m%w7iukJCf@
zJ-|*gIK$c-gr?zL_8ceOJ&
zrF(C6*{)UclynFgk>gUB4itgm;1c1UfLI0vZja^12k(v@1kw3Ecz6>_pKCg(n%+|R
zaX}e*a_n^TWo_gqfNn33%i8U%;e(#u@6;q^GRNO7Wu@L{d4HIW*#eS{WVszQP6gE-
z&I4Uqq<}l???^M+QbB94^;r~~YXpm#acWm8Qudo=$R@G-K{U*2AbgA#I
z>*|D_7g&%FXDw5A=WQf64D-3HAi;(zb*`G=ABQ9jk4ulUM-E7plykc;y#=j0gj$!}
zZ^z~?Jh#-k;-SL@5HfuZs>b^>NZ@N-u*^4TloyysnjAwbo6Ac|ivK@!^+jJ?!_3O0jWroG*}QH)26`6OUIt
z*d%Gac`L6lzgm#{w|Z{$t7t{4NK#V|lp8wz3k4+YtJ8V%GHq_$=%%)y0Lq;Eiq^*8~qcH+?EX8ru<4}57)(B+_OD1TXMiAL3J30yKjmIR8J{1Sh(Hc(dV2E&ptPO^WQpVmNPS=zL^Ga)Wa
ze`6n00o07v&R5)Qh^XN5YGPtnQ7^!zWa_2|oi^~7nWhDQy+hJGU0u2vXnSbAxjnks
zc$-qQUdI}Xf48t+&e9(t~(Jv}6d
z>{%j%!|yp}}
zX>Z&D!}~a2TFu?>KS)P-?Xv-wyjqG)PLj5b3tXLc8U)awob$?q{&)l+quhL!P-NqC
zY34rly~Ka&Fszz(`o3dxvgCGIxeAc2D+aNae5oSav6iv-wmgrkYg;B#=Hue<@@9qo
z`rYld>7-VA&&OA}c=H0jgTeMqdA>Md%$>{K{?6P*z46$Mejy0%YT+4Pl9Gp5m8H)+
z9SRb=Jvusa4{)eLvXvxwFj@qsuXe-*@1y4gXNDD(w3TN3_*FW!OUgc-{EaZ3D)H$F
zS_G&D@t4-$~
znx}U=$yi~25}t7)1pc#|&IzQMDq^ARs+f!hi!~%ijfrgw0OFKw57p+Q
zw_TGn^G05ECTe$bwzh67_j)3B*nT2>(?EWI4v@l8cbhjx+QoK9@o|+D{(AVv^0DG3
zw7dZ(-DO=$b$51vStoEKYNSei;Rm^Xfh|sob5`ek;&{_X#pD=X5Sa2-w)J)=0+1C(
z0c4uz1oBiO7>}`-v?1{#FaT6~(y2XS5aJg3xz&}lRN8#oT~vFYil#S2OhR&acp!bh
z0+ESqxz1q@&@X4tW~uU?sXm_UQEl5$^FxAn)*~UkPM^PDZnM4TsV_+o;D8X9(Ms6O
zI*sW7YeFPvPE(Q%ARcP7p5m|Fyz29N>$*L<2M!#TY?u%ynK>S2hqm5^s*NO;Ab1=H
zPc3@boYqE??^u<6tGxJgd$y=mrg83Yk~q)N36K40w`lIcp<_2_O^Tpf!_e?7y>|KV
zpm{&jrNvWX6B>74A6epVw8<$bS~neGnb%Uk@K~~2*0j=hxEfu&?-%oMJeuM`4GPYW
z5V#wtO|kX4y8rvC&$Es6^XSrNB#--^A55=!-f|?~FQDYed)^^<&ek&exdi(hJD&8?v?#(`RWw;>TUvZVu`793Z{M+Mhjo
zQ^A2Xt`ZF|DmR%AOWSTVwI0vo9yL$@T|Q*%M$IQflkO3)<+-GxcPEpZhdu7CS)Pl|
zbNh0Sit5w-3TBWD`Z@b+K5+HvEwkpXY4k4ol+I&b59*CllPk~O%0afzyl0mn6)3p=
zpphNg3?_?V#4g&e;ne$WKz~Cwkebo3Tk9itvD;=pA;YPCeGt`I$&&Y?QkWSp)h%bEhC01!saPhFWIn|vJ#%`c*>I!9(^V4%x42}4q;<)t*?zj#=y
z*(A2q6yh{-mLhGhC9Nr*wNH0(vlXovAg?Q3TuYkiYyJ*!Dw$-})_9!!qeS&LiXG9k
z3J;?3XJ{NB0&SpgUl8OhV;37WT`pe
z+;78XF9&C%|1?JE*SgmB`5iOBfQkP5EVv9%g4c4a;t-I$HYUwzQ@l+S
zKcfZ_6f5~pjMX44SlQ&Ze+lzRcA9ob0wVE@!(Y^3&X^q#>m^zZ3cgi-8T@@lLZ;uA
zaE!L5Z6M$^++RvK049G@XZ)oSR);H2%tIWXn2;vdFB2Rd85&7PDCA$1DY&e|%Uu+^i;)tm)s?wtO4n23UNVCkr-%RVV#mIuH7^DJ#R*|au9b{2T4i(ZAo53FSaCoy`hj-{+K11-QBjWB
z6M=+iou_#%XM2t?hLV}qi?-;N$eIATrgoVg03LhK*ac)
z-yq}9(1?5WXgp?|B>(le6Bt?>3GfB>cN_F+{L!PRDBxrJSXba7ozr33Q2|EF7eIMM
zPWMr>Y-~qa)XPD@3uCtf{AITN{Jzn_JrR?%jzO}cP=#-i`Ie(QJs#c+jH
zkTZZ{Ka;^;C-Jp`S@izeN`nRci~1U>SWYF9++n}Zw^oH}eh9pHiW&aLZ$t)n9~S=p
z(%7VK575cE9FI_KJy@WR!@5%WR}R2C(x34HlEJL8vuwTbS^x$WEfIdgv$CZ$lfMmtaMnVcHT9X88Wb`%mAQvb=PdUMS*%fK?A_qtpT
zwik6nB&f!zhN~7E^Sioo2fe6fW{-q9v*T3Ii-
zz*TZ8h!B(!TcC!zx-J1-H{ouy0`7_5%wIgOV^PT2S~bpULr*eY($9{)+_7z)>gbok
z!tfOVlxkbXE!ZR8eHs*!GNxKeI!+w_c83e93w_a(wAqHG$vOc+7xtPFUdsZNobhVe
zD9s_8XO3_==G{LdX5o|-Lg@kuO0ajvhRrQp8>VW|pL`Z74&sK!5;m(df2%jpYrc@<
zThI&!M+8&4I6FEzPvO9_^Ev_D3`rTPg{$>+ULKxC`l{$GMQ}f_yey6=1Q0GL>X}e9
z(XbJw3zl>ke09T_pdtQ_7c*^1eqnxML0L6D0|O&{tbO!rO^5Y*_OGnghwX{|{c6Z)
z^;P{9z?HEsQ5)D%@JV6yBj5wRloXMAT@siYm5LUpY(v;c}
ztsqgliZy#)3)%oA-=4^qn6Hh<;>^kmxR_ZO+Zv0iViq-`)D#u8IQ~|pEnO8G%wMNz
z#(+!>BVt(HVAB`#BeT=8GN?$hw7C_C$fQqM6GG2dbU$D>fB#-Qp1qzOTimGMF#CP*
z?=$7q&o2fF3ejx|K90_!xN^nBWx-q@gv^P)4OG0e(%it`1Z{2b)8UEWz#ex;hJR>R
z7x{&~>@2twYRJ$0C_qZxmMLx|)TQuF0RzE*xHNY_W4w%7_{1DRJ5DGIZ@0Mr-4T#n
zaB}VC6d++Qv^~MMi>HVksgRx&kEhl-USQ1FfUa+zq++H9m<9$@HIpAO9QmCdTp37V
zJyp06t9Ejlp0adyBtQft)0qgOv~q;vy)4u=!yGc?8V8vc`)O*0TQfswCVF!$i)*OF==w#%6E3
zBhQ*TU_w~zkBKE62>E7v+*NR@iiS{l<+Gts@gdSuKAWR=aQ6DIt@YIP6WzIMMhl|u
zG@yiIC=q2&g7!^tqPHS}ctByrjv4M!YO;Wp+N<#RF&!*dzM{fBy(hyh^`G)Q%(QbAFYYwpz#d#&As1KNE80a`S8~ZDmDOwZ%a6UF6Ba_vhJJftF
zB}$)1sR(*iI4bvnZwD6-hgkOW7b=q+>Ggq#3n5$*GIUi@1`6n#vS|T
z_Dp?4CsF8{8mi9P6cZ0W#tl|#VhXE}l0IlUR>>hrNaWRqY3?-<&;@^t>C2Jc{!^1W
z^DcT!RY6#`pMICbI>d?BvMBW-nQtkJRz~sm>sx?3A$C0iTb|?Oajxm@71b!8_nqCv
z?W2t?3XW+S_BRc6eT`+iy4CXDN^b_6uAHtC`RegZU9*BFd6xtV>zG{gwF8?r)9C7K
zb3#p3&5K8`wpQlS(?KJX6X}Buhpc^pIi4b`Tv^(`ragium&a#kNUmtf3lu7Sj%>TZ
z==P?vRz1ZZ>Rs}1CY88|$c
z87O|euBelJjRi8Eh85MzT69!sDC&ESnO_ZJh6z67(aIZlo#`*SR*PK^XQ*0J;M@F89KWPZ;20#83UM$g5Ql}sOl
z93lec3dmMn;S!^)D`45K9jlOfUlnYG6r&ikMFWu$Z!RP#^2ar0L_#iymVbY-g5-t{k@JiEQ4CFVdtv+QQ*Xd=`X<6KZmgL*4ume+pP$Li6^3j?*P^SOf_sj4E>@zQ
z`A>A=GCX9k0GFm5Z{7LE-N>fJtw8{?DI%3))=-%n-7a3*BexJt+CKv>HXJD?UboK>
zxKSx$vt9bGoH}$-gJhak8h9V>w?VY$IVzZg(-$Csp3Rm(zPhE8DH>zyKG$)JzK#_gLNDUfFh^TYy3Z*>+YI$fy2*
z36rzws+p+;j@#VU;^!7T0R6&6-$;K48gN6Z62XUUpTkj<_qMhfzdDEK)NE49Bq|vS
z&U=%fQKx2s0s^h+HUQ{*cx$W=y%gvFn5&G_bG^{&^tvSYmjCkm&uRufTwd;cl@rS`
z43dR5j~dG?=QM<4fPfg4bx`6c)qP8(=)C}>y?s@KPYWU0f`GrF_*LsgD
zM1c^-%q)Q^JYZxcmD-!3jq~pTQLHm?n?naZ7gK9k!H8K+bl}-1+elu{g_e8IJ3oaN
z5sX$}22@y(>Zj+XY#JLH7EV334i8C|oktmgb*t1@;n2f!$=oy#cDejKHvnQ_tchNn
z_|FiFP~~3p8&NMQCN?!SI$23mU0z+BRp&lDt)LTk)0CQ$GAA$36h`Sm
zd@M~%IwB)?F=`*|mb6XVM{8zfA!b7r;SYfLj+s1@(aEZx^XZ3Z0lotLJZ7yV(4WJ;
z-I2Z-TG|4${=GX4qSrMkxeCEoL-o?d+_Wr|RYbPu8r&&i%+RkA(vp&ZDQahb`-Sd|
zwnee8c#xK&_GoxHauJuqKdh!_oHzqG8BlpK_vnX#90P#1HqRY0rOkzeIp
zTK(?+ksm}t3EERL-4uTVx5W=wh4ORifU2ce`^p-K|4L1T9W1u}B82|T?WO4;?oSJr
zUc95D$|U2y>W{N)Mr(Sx&v_+N1P|v*`k4#iuj5tAwMqZCMrVEo*%0FsxZ;)zQHhh)Q2v@xJtv(Bg<{s>oYhMa+AuN}@f7(7bCR`$Y
z(v(^23oiC8-}#FluL>MYp|6ZVZq{X*?gD6##*(0duXz}3@svx>0{db7agUwHmUS(w
z^wPG@H;i*{fkqyE;GT{Nugl&fO-Sze6#9-G7ZJRknw-UTc;7prBsr#yy79UrBlqc<
zxh$pNdIo~Hh!)QRLa&J01VuU{wpH}gi$C%+(;#;5xr?1`3phC4FVBM`tnC0KLoJsf
zKmAg`e!{_R0hMrY<%q!7!F^^1PN?sUz{-S!b4ULHg0lj81qU}A`ebO|27p+T-aWro
z_Wl3rwW{1)s{b^B_`hqSXiC;{N12Y4bo-`jnusXM^p=W}Hb$M$d1I8@lrT^3H6Mhm
zywUrzAw*Mw*z0n&OR5!r=$-HAC?G$ku^FV@WOp1EV|*_y+aO9AS3~nyPQ0(MY4(z_`W>_g7n+>M?E!m{RX{`mNMAj)?1>bn{T|-60NjIHMxO&NV-8
z9wn-?)_d5^xfICY^?1Ojo~M+GXGrGUy+2+eZp4TSGIg$Tg!}vUc~L$L+T~8|s*vFb
z|7_T(v_E@FeF0d@n7QyRF(L0>A=L3v*#Q;sP=Uj=sqy=?3eEWIqpOqc$E~S*JB|&K
z`^WSCUp^&A$jkuc8rn`_YDS$}eXg>YfJfFjfREAgW
zAf?2jJKNT!;R3h7HI_$OmdYwgI#=zt-tv)@GF(add=`S<`s^a!AQYebQ-7P_b1SFK
zJ|xCJ>$4#>^zlP{1U=&yAN6Vjs?Z;AZUvW;+3uz~OUXWJzPzCv*Vg*vu=lI&(bA~L
zj>CGnmjoe+ouT;h-7DW;$5(sPnTK~7GrMWTFsGzTI5=jC=TiaHfj>*KnM&Mt7K)DW
z8r9Qb`uFi#PnPE-ODcZ2FgX44dImvv4i8HYvggf}f4*=uFvWad^0?GU0%;{a+S$zT
zI)+Y}?j18RVXAklgEmV5&SCB__fvlby_xr>8x(oH_3n1(xQDX3`?1Ec1>T!>ll~C>
zY(cK|a@Uj9{T1PeFQLL1e_(9C3?d-J+*SvRxBnQYac
zdZ-ZK?u?%d?qmi&1nY%Z;M$P{J%^`DJ303_|HWAdeA!)76}jmP#fZ%Ud<4CF(odOw
z#^yCrW$}dco|h%M^^V)46T1nXcRRzh5X1!}Q@v((gOHA$_j<(5Ti?E^8&jKdup=We
z>n{aL=*iumg_@7$0{zD6a!KQmCA!#7wMF1^hV1f_>_Q}pjkGj*$M9;sZrl4}aMN5n
zCj?vIWEtaQ44@EC>-Kg8*~|$))S0($O}lfqM8Od0uAa+{#g(Fowf@Z+rP)
z(~Qg$+qrw0RauF|$6pi=YjYdkWp)9tOZSjvYtLP;e4pY(bfHh(R;IHNU4=A+svg)i
zJMRCRD2dVgz;o`X@6tY_mL-^0^9WfqXO>H@Iy92c*)Ms;6X&OMVK#Pkti)NYRp)&<
zYZCx6zsV7?Z1uG4=X|Zyr3gFp@{Lv5bi{^8!%HPPIX{GOzunvm&n9rPe*L!`!NXH~
z`n^bZq+Y`Wd%*ZgD!Fs^u>8U8*m#ly2cHX93ae#bKgs*OJBz=!Z*@pEl&r}<_9uij
zf1V1+dgWOIMEwDil6(Se+>
z5YmssoP*pP=?KbJCvP%sWv*5r+zAdYb+R=ikaAu$?yKw~EmZ~$u1)GX$L>R)Aq^Lv
z*KgGu8-wQZpxUDne-(q(uOWt1k;yF=MrOW)qtmZ$i&^e(LYRRRFUAzUH}R7PZUhjV
z!+B@^kJnfAF1l$gQ{;J_8#dbZDkJ_K4!RzPW0(b`Q$8~du7&q@xk`OTovF($N_nz+
zr)zPpa}Drtx^_%{AhBwg{sFus739*UmnEl;wAAOF4~Q}jnfnhetw)Kt`6$b2}t
z7%lP@HEK1VTFkPm-9hyYz2vQRY(ML2BX*r0cmCD)?bDWd4n?HxtM?fVb44`Vi)BT?
zd%xs9Ga-~1y>0MCZ#0BtSCEwPc?*mza`$Xbra{c#s>e`St9vx{&rgfd!)oh!rEiU9
z+go&zl%>{`+-nrB*Jn?dj*fyEk
zmw2eCV4^#Eo)_7cf%|Z=Uy|&xrOJ4DU3K%q%vIFOM(M}sY)d}yI8IMBA#_OcHhn^a
zJ0kOcnq~n!$h*5r&&V{)$A?HYJvZy&-~T$K7w^9f8YF~Zgv_%l&`YkK1LS#Oo*qTK
z5t1r9j`PvPL7+>jsIS^~Zriii130NaYZ?U=z78C>@%bG2P?6XVXiQOy-f;8e|R;8o6XH@JyW&=
z|HcnNmxRlxSH61dpZ|!(yT`d?k4!hl9j1d%h;YsI&v#Mg^hxF5dKvblUEM9;T*ORnB7{!!!5BEdXua7z|Tb_qz3oG4&KMKPb&c)=hwpJ+@RkL4q=d%yx;gmXDJHFgKXy7sl)+
zX%Si&I!>3n17aRQ`uE!}6+vyM9cmma?@$N`I^>FPJsUeNdGB|!b8j&cBR^agr#xIY
z#ze}Phb?qPfl>%xupvu0tQH`IE~RleEHF=n7Temx!8LC^b!|7`jp@&Aef+7q!Mktc
z^Ci4~$!7-cp_h#s8Sn1xx;fi)L&MFncYSvIYXeBy&SrZEb(n5DaVBbyU^;usZclm*lbILT`~!G^s3daH@`(s`4U|8uym{s}BU@{!s1)59CIbwX$@xkXN;yj$0B!
z%JW)}-`ZH|R(;!^nrjZt;Ys_6<6<@0k6omy*S~BC)!DV-0zv7v$N7R3)>^gQS>O>{
zmhNTW0v7<^r(KInm74S-XtzHYle$#T8zkOG`~LbN#@tXG)z-H67b$|C*EWgIW6z_P
z+uy&WV;tOwd2_lB6a5>#_`;H5P387S%K<&ncoW9&4-XPS*6nwPcV=Ws1mS?QB0`V_
zN!R>TzR>BDUCS28)3YMW!jVt!sK;wRnvKHoK3bGk9Fmu}PsqC65wN5e(gkR3r5s=^
zT#Z^XTff;qK_}ktNXn_1-`sm&)IGT9lod8W+f-pVxrIM)$xW?(0NOX<0u_OEYF9#C
zim6}0-61~v8KHO(`G?_cM-2F&E&~>;<<%@Eo9nxpsWxy}FoV@bD7H?kN0TAf7)F14
zWSP79ba@6D(|*$9eXIm#f{tYTZ&7{p6+~py+%@T&cKQKTUWN)U#28sh(>MY3>+Zaw
z$aLhQ!=0T9S>S9OTNeaBm|VP8T3o<9c7--62_#k>jCZU~P7R6xm#OEU^VUW4v??w_
zwlA#(qj&wfj9bK!&c;o8IGzPTT!x7KBpk_s)7z)6dLIVk7bxMrZ{alIre>GyoVKqM
zRLx5p>tjUy8Ai#}a=F%1#!YncmT|X|kXN6lD$r?=kw?*Ss)?X`ixpF@?MZ!
z@YZVmk<AwR;g`qLx)b>e<30c?t3fB^TqWW*VyUT*xB}SMWHzd
z%-K@6N2BD9jnk-{GbWe8Hrmuo*KW$mo`ZDWtDLD@lyWybuSlCW^%Y(Zs~S=q3ngaJ
zh2Bee`gsllH;0nD5SHNqGKj4%hl9bK7ZMG7r3Kl&GXox{+dXjo`jSo@HLy+jo_VS1
zWZ51E-b2W5TQ+ojwA*55?DcrE?VIUxt4YGDiim*?YN4H3`y%auM}Pd^gTWaiUI
zWV=h=R_|H9Ah#frK)b`C*qk~Dto7!z6XZ@d0UrJC<8Q(Su1`#Gc;Wo_8d#SMx6*Zx9
zpjX%mIZd*g;n)t3Z6lm}>oz{K)6hK>cCp5ETlOk>GxEzkSN(2KjnX9V!*T#f&v&Yz
z6o7(y3Z+_FcUycOH`C4m#}h?$rnJb8;~WNm`u?inTC3I2_3Ls0dj^9}>qWT-ax*F5
zO5#1ak~<}KChN;H`b|CI58nnR)~m&&Qj#)R81Hw)2CyHf$QKFNE!yLGMTG+w>I2YY
zac@6p@R;nKSW1c)tzWh|ICs&G50ftJeuevU<7j%spkujmT+4cT&
zXMczBs_p0^9*M;BY!YoCB)O%=WHY>zSle<5)0rn|W=2EO+gh^|vSPScCC%r&G3&gf
zmdCoJ$pQqkPI4`tW#rl%S|JzbYnd~g?!63rKj*}lQ;Lq72!E7-@QkKo
zLjaK4yP5gi_-x~fd{pkBksF0uC9t0Nk6-)shW~(6y5<
ztTpG{tkv&gp+AJ9hR7c#ENY}Xt8`J$NX+z!ID&#zhmk}3a2^&-L33x-4r~PB!hb*C
zTcsyD5m~a>3gL`xsJ^F4qm-vpvE#t}-bVa9jWy&?&sXVatGj^Kv*Z=ciy
zff4vF_ykV@&v${BPn`s?E0Pya*c32k?}0Py>BDdkU~Hd0Y>7ON8qj^x=TU%zyFmkn
z`|0s|^Z!9J?nIC?_ZHzyv^Osqa6-kh*f}}ts;hzHi6ey(3t5FO?%%g^X`p-&c--?}
zue{4)0@yY&)C~;{g@lBJh1=J9BK`gSMMOl%$;o44Vx**`6y#&RQfQV;p5Px*3pe0f
zf5b{NX2qXHHoz=Urb`%5Fq_WTTn_pcGF0_rD{FriG85sMnh97UkH0%fe_VIxXP
zN&rYCo3$lHdn2!=^=dDA07ij93j)#8AqQ;YVMQ4l7(}mSt*x#OFa7)X4~P%I!~43q
zxtZ}=un`ROJon;~k2f`Qugjzg=zLXWWv>xyKYV@{YbgR7vM3wYGAk=RYf+`AaaagEaZU2`L9{O2zKqw=5n&LfBg7y
zb$y+emp5j{R-`Xr4*>PzDlPn_QpHslk25*304kR4V(b1ipo~ERv@TUEJ7d}cu
z!ABLo7&5d0&=u-7tYMaf>6YOliDFbJ7kNDlY>r4f(g6weQ3F^!X}Sf7!3Q}xJ#Jvr7
zf&z|@AD18QU&CN9=Y#j3wookM0%?_#Lg^0Wk_?Q_LyN6NCd<(GRd;1YC%2qXC_5i)yh8+-JoOSzljYT{VdP
z#89#ie;I(*cz9#`>!pJR
zFzd%OeREILS4blAj;5!1mJmdo*tf|?eFCq0e0CKE4ZkvAI*x%llD?49GBP?jwM0cl
z`BIr|z;Ky00T0IdZpLAJhXAPAG^yI%-5mpuwHtIOrgt8hW%rM^dt4p_1PRtU_M
zmX)-?^DZCN)~m08s@?gfAlxehtdx-?`VjO13X#3zDonM6ddcQX`Ff>#G
zfu(3pmcYw94f-pCiQZ!?w^_H%7>%072o1}bWtS`@v5Sq`5+#a#*8Or&TeA)1IGKqN
z&RSHRgXDqCGrOg`LA!2)3NrF1{VRDTC4Vp;x}MU`cHHB?#8C;oF`LC`dvh9`EV!O;
zpGHqdNqPir$S};ZXNQO71qC15+l2?TXUD+xLL)Lo3$#t3oX7#uia5`@#0?R6Mw*O!
zp&sb4oRnqkVvEw{8vjYKr-ButAQNiaIx5U8u(^U0_4ftV&CHvZe*WTgc|245ve7tF
z84q;BG+_SI&f^fD!{XUwrYhnI8TC!G>MIj{MxB4Emf4EiUQ6*ubd(YgWR56+;n_4`
zPAyO_Y;JDe*|8AFur;^H88MS*75PWcL(oKtcJJFR)B`eh9&&)6fup@WOGRV0&0%R}q(G@I
zTgCy&@A%*mu`lQ-LwRhVh?`FT1#J=_cNYf3Cc(8$3dP1k{K_5PgOK7Kfvy&!5cK;M
zLR#k$GCA`Z)^DrK8wA!W?$m|GIaj{eq`zIYFOYwFlttABy{(G#`FrARyJ5GnrC#@-
zJrr+u@S*7Rk)VO1DU9oZ&8FS?Zsp9mVV}F2ack8!9UJI&>!2=|2(ME$Il#&kGXRUH
z!Yok@jn;5;;|?*FOXutB?fohz$4p1JdhE&(X^s}!MUx8K+|&x>-Qj84g57P*{)xRx
zoKCDyyo!Dm7%NU*vm9zqlqH)d-sHf8q^6_X@#`D@3mNI0(W4>ZY6Q?%Je2^AK6@ID
zT#7su5SC<(ZWtAlTeOmbB3goapo#GZ)>)h%t+FOwv19X$8+In3qU>?HKtGAW%eG24
zScsh3!Lck7efH@WFm24&Ub)XmNWoBQw4`Z-FR_v)DwGh?tlK^PKzI+v~*8h~kebmEth=YEY1aKmYV-
z_bQK*qTDdbUTpE;rUO;Dww*q#9EJvL^cpP?n^ppO)-8wZ39Q74PcXqKw>tcL9V
zT%{_dtCRgD&*(0!9Ca0+#l=%nnnWp4gx#rvWKamp*9oqT`J(E-nRyY$!(t)VEfv~8
z(=EvV#uO7W{9Cr4*FFKv6_P?PCNiB#PV~Pu_mzK5_5c4~DiVUAfRuoQfP`F1j&2lb
zsnH>f28q$*qD2IxhQP?tqf=T!X+|@0OoS1mrR#V6e*THyxpi)wTkpsFyk5_Eh4L5U
z?)b__h0C_&6b(O=6+Q@r#M^x=4KKtGj?FRAcqr>g)0NXYs-p~-)jKHemV4^gCfhX=
z(Ee2AszS=T(>(mn$zGl#WBN5xHM*8^TMpoxhM~INjBgukTSkdpQjY~bYW<4h5(#`b
zeYu#$=$Tj3kr;mO;rSKkq$P5QIVR@}nZo(%eXO&xIh)^hdnq7w8}iaBKM`P@p9ZaS
ztcU5}CNzuP^$q};>%Hl0H)Ougl64y}9v%hYfQ9qn5fQn8mO)8ebNV?{k%?e0FX4gr
z>u#bMK-#mm{=0RMQHk1!ON4RCQG^V_^Bo*1`6{B;0&BEPqaWKv*7ed%GX6MS_p&?S
z0v-f<|GV#@TO57Ws``7dbq^7C!U@{z@QkcnCy5mo=#Fk}^C5MN_-SuXesa_n+|$-m
zOhXp4D&NL*cY*xezLUk5F6U%&;pKSXd8@r^1yG
z+uvp}qdSstN8r$Z(obsi`(#duw-PhqqMq8>OIZ9FZn6lImA7NH?&ZMdJN
zK}1C4v$L>&eB3ZpK)XpM5EZbjGEprqU%&6*sMMy!R^w*TX~9vNk(~GS?)Y)cDU!j9
zxG0@6J{k6F&f}?8gaZ9z5_;1U?O$}NysA&i7@Ipb)JsBhbZ7J?8n(MYQPkWPJ(NCW
zm*3OAJ(V9xwAwFlx#mGMEtX^PS|=P^>r%>|wug}ypC>>b?JNP|EZGXO9z|{z{e?G;x=fOcaJhhHj4n^pK8gdYs1@n(R;rV|Y%4O@NkJ=WPSrF>k=
z&Nr^eim^jD!UFYl|3^CrrE%-yL6dbcM2d3TFYLNGdJ#$mc>p;!^tgC_Iac*krxz8)
zTztAN5fohU2%zAm@ev7?wzbeF#q^g>8*f`s#7(2^gNbR95UjugCJaN?5k%eyQjV<=
zbW{b3MpTF6%}@97OqGSC!zchlFGpAkBKlVkmY0_STe|L|PM9Hftu}4V#?HE$emjjS
zxgSUrXXFLK$y5AE>BlBK2mk{bMM`#cr5%dhT+S@ZheeTh?vS2(jKS}xF-EucK?czy
z0j~E_YKt|LR4^en<{K~=Oy>l#B(3wEru6fwOuOpLkWt$D8=0XE`
zDp}y`?h-}Ham?qDZg5s(%wRn&-8enh?db9A0`Em~NHH3$rv{*4JzW|yD;}ztJ=&h~
zj>m21*#`-gVmtG3_fpgf5MK&g+thmUa)$A1Yt#DTo_~<0{_Hm3a=N*54GR8L6m7ua
zQGKAYm(+(4n{6J$9qQ83k_d01k9F4%w%Jsz
ze{xuokGSbDbdOhsV`BH^hrTyIZ9;TLWe|%^8ei)gy_T;_tyD=k+P>kA)F!UVG4;m~
z^fH?3ev*loFjq%I&WE7pvU~&-6tYGoU=uxAtZg)7FFbWLd8cR~Sk2H@%<7#=5j9@&
zq1z0T&Qc8!p*;+nM04qT5^~b)lkym$SU35wY0sZ4U!ycd5S7}7<09&>_?|b~dNvqi
z{8R56_czqW!ob2nU(%aUow)Igp75iHbxRW*>;Zw2jn2V%*<`sxNP(P{r
z13Ov$sxIy3F{@81+K)4i8+E;&;R3MQ%l52?BN8m2?v?$GjSYbEOcVEyJ|L&aOa4zK
zmvk=6#ZJZ}l5sdJbKPB0PDPUq*vZl$CDpLE^=3CV`&B@Ho^lLa)BmP>80hn$93pAI
zK57gRk@D03n1n6ZZOD|WU7o3uF!%hmYWAYShc#KmeZaMh^?cfJg=;vy(RZvB>{$qV
zX|JlT=I!|TaOnnEGL64KXE9Zw&$yA>3!4o-Fn-@eCF##r3CT~d%82U7u6{p%rX&j8+XXlK8B-U$XN*WrNugz-
z8^O72KX|7WJ{bj@IxI|WKd4NnT(Z8v;@`Q44#^#l*|KvHxo`;zR>l>H4C4sPONddEG48wynX?~ppnLSo+&
z^2sfhkw{56SR%H4L+%FzLMl{|0ADE1@G0>B7B60afF8bdn4@r?q?U||1IAuZEA65cWqPm6JG7StVR@vZFKf5~U?=g&=S4v3CcbZE{@
z=2~He-|!%B>$Lxc2CGV+->Z2J2oKD5`t75d=S-JG6uM>_pbfiM+l~nUN#2&$jrj?$
z%BoH@5quawO|M-w!JGe2LM(PMCt{!6{@E~&|5Igs`x?3TgN!cofGV7IR-JKl=D)Nt
zJ?7@N+(JDL&P34P1i4`xyII@s*$!cViUoZFsMsq5Q`0AEx27o*%K-u_D5%=h`D#I}
zXrg+SkeK-BcF5BNBNj$0*tDXnYlUAGb*7nTq(Wi>q1NZxBMQ8w1FU}p?Pe#Knd_$c
z2A_;eCwS|#jHI$IwBT-dEYYva3DJXX^A7
zAqk5c`j=}&%$RMDBN)r4+l6HgO>9pqvKGq0qSKIk8{4h>Z^$+%+>a)dir&wF2uo@p`lk3nZK@732HhKVdUlbPG>i;;j*J1vV)h=-mG5
ziFD!*VtW!bkBAs1z#|Rv)Slu(_;@3@{CB!H}CxJg&E6pkI^xARqi`4F)1n@
zN-?3mUchrt&GiTOKNgv3ych2s4c#lf7bz@@au|82CXVeBlh*vKx*A0c-{t#v@?e`8
zK26?GpQE)iT&&&_*z>NLuDP-UIciCbYqs%-73qkuBaSp07!b_pgI*HK^qaNjAb~
zRk&6Y2z|4-rmZ2>k!B%2>F0#Pl`#seFP)P&uR{cSIvb7HJ?Kk2yI=bCZYXx7-Xh-A
zM^vI_dMRbD_=FH8M9^V;n6R_M!jqP;>By({SE346$Q@GB{yI~KhiIDCeVr;R3uYgH
zu26e4J#qE&Qn$3!*0D;keNnFcS^zqZ5IRC8;SBb@Z#^&uilMv0$+HB
ziK8@a)g+d(d6EVk?=u>j@mtV7Q?e>vk$*lDFr_K(f;39_q5$$o?L&nc`n53!@lS&S
z+J0~$Wt?mmh*nIdpQP6FX{WiLQ2*aUt%*k-
zZ?w9>c-4^wcf4m0sP#CF9%!4p|KtA@hP$_Oi;MfN-(9za%7k`X2}1L=dEkX{689mP
zhx`)-mRroQ#SN3_MJ~A_p(gecUG8UehGv+Dn
z!w=Y+Bj#<@4xK@d%8d&W`s&x+cvTI)Xg3PUKatZFUalH!x=zg(u^6Gv82dKq72EN;
zsG_gPbgvwnRD{CYn{1X4w~|_zZ&Qt^&kBRmzYR9}xiu`b^0zPKjMrF1e)MCDmfiVjV{40Y|DeO}j~+#~&0)}!Z=
zqJPmBE}f^>Qq@^Md6=7CGf>iBWUM^qJ&p!KzB$ct7sFg-&Y~Yc>A>K$imk>gFS7X+
z$NJ~bp974A=ZTTA0$(gFBkNmA`buc~ZvW>pK33pDi
ze%Dagf63S(?2QDfo{$TF)FFBQL(E4IaXMx>L5yV%TYLw$3CR7L<|qH@Gm2YGBWOF;
zYPUmn;M{ds6Ov*+Tt?~Rk#%#hh-%t5r0)@c^-;PZ6SyB
z1m2+L>8!A}r+sXd&Qi=e#zof}sv|>8>tjgOr6n2Cmk&=50%)J8w!RNY8vb+$mm
z2m=|{&(`jgBkR|ydH(szdXLT4efQo}tPj5kc2j&P)4NS~9JuAK4g*DmLl@IaBc*p6
zXEf(oOd?21%SN#Wk_z-VzBm0vW)z*s&d#{{u;VY9seK<92N%=dY8kY776ZpKkPQ#>*c@~r_ikq2g|&};G&y?r;t|x$t$`G>wmPtSp!zcZN1<(QO*^Gmf3%t~
zWK#S$`B|;Ie$fmf*FEx{vO>aEN+hwqt`v0MuBFqWk;V
z9z`FAW@N~U`|iNzrDKmwx=-3UE~KmDlZL>RpHCeGYS)6XREHNXy4Y9{4;koKTYEqd7K&~v25-E;G*~k^jY{t(9j~qQ?`%uEQA5
ze%`iz_OQIxH8|oh;B3jL%l|V;Sd^q?~)m|7HROAXToRde}6lg1VS=bZ>Xn7
zLqk(##2@f-@RM$dv#TrY;5RARUF+&LA)oJYJK;igOz^?gl#~=eCpR}YU)u3u?^Xap
zuJ&!d7cWYRi}{~-vfM@hc#wsKg`Pe+D@zkO=A1>laHm|=i=WsR2rReu0s^4oiY+&A
zIDBEjG#M@aBu=eBK>+@NIY);q;`TEkng<652NLZkq+Z!_PvrnX-!fI53xz_(#KyMx
zpclKlsUzx$DKA6A6j`Ln6mRm>*H%`TsHi?Rkj#amvxolY+I?pw%;Lz$HoSnQTo8z1
zdvS~vz$2)syq^upg)=tX7Nh1CyeWyV^9clCXy0Ty_pRXDfOi81Gf*?HY~cLP#%&?o
zc%dTnx8~-1L`1f>w%*>va_Duv{tZ1qo}eQBKSOaZYTZCwQJaxETB)F*05}sMINrS-
zGHi!Tj(o+y7-9WSreKn&fzYm(p}zn{lsBa`
zqbPq{@q;OHTJ1Ncz|xFWmIyei?}tDQj^gMN^ETl*jT+!e0gZwHB{w!U*45SZ@bK{W
z_lH77Ke_r!u@nf?JRl&>@BTgETV@;b;zB~I!n`TQhK3NBi5%e70iKZm3b$?B0a8wsugfidT!X3<;2Uh=`7Er#wR(1+P%+UGa;I
zG~CNQuZt3?kS!I{w({I@IARh%c4!Mp8NQo2J#oZ}QEuCRUV4o-S&R2Ecd=L~yh@uo
zmJbkVFF&VDAFa3-d|a0$s<}R+Pf=ZgKBqh*znZVOm*LolH#kymVRS6HR_q|i4(SFv
zT_MeKNvry^U_H8+z%o2GmT>`A3@9?}ODm0?5=+{5
z%7&1H$%*I-%HC27lh~?~e(BFgOxXF~8Qg6CrNy3dwxdYta^ZfAfxwBK-RQpoa
zlCjWvhxDB*Cw&)WRrS?U+Stuv+L}VJ&C&4?%njYOnHeWCU%KX1+;p|HZQcf{@Vjbx
zF(@p`S~vNmZ1mA^FeWZ@CU>n7uF*0~EJ@SA=pusE-4(1V*Ex2=O`PX!)nt{K)E8qf
zm>nmr=lxmrw~8s@e=aN?ZYWc8H&1Zm756i8ZdB3W;0xa$SQ$su>h#nNa`j3^X?1k>
z4l#jJ_;l>kHESiI^gNewvHhpf3@^%f(YRayIUEsGDqH%p*Z@4`h^ld9jlDLT2>z1}
zLmHl3_|i7q#&i@y%M6e@g~s!g89#-=^N;3JGDVc?f9l%I7*9#O4XUZQ;oiEa=X;AR
z_z9j7E1Vm>dFSaukgbS0zkAV`tr0ZW%^2@UZ9pxG+;lsqq*b
z^Zh%&&R(6(|9}r(Xm&iI0
zbwB^S1Sm_2z9=6f+J8QIV4#S1K_Ki`+Drlf8!UOeSX
ze-`=brgxYD=k?C)_8I^awu1W1U3s|LR2+XbuiEHcSZf=H0dP`3EHvKJ@sAynA
zvyBUP+NkYptn=K+Q_2cl7j?%Ae!t1xJ9otMHV*#VG5$68egRQI*8lxv3J>`1F7#|}
zI3-@0M_TQK^(=S+)$2y7K&QFkJn6-P!@rVzg}u(g^?1?1nXU!LpJS}3dm2TDCm7Eg
zJ#K8nJH9PV$W5uxIIzpQR-YJ7vVh$#*oMzS;el7?KPHm4Q%QR$Ti8*BOv-P@XelDi
zEYK;f6t@=QwmNP(@}tlJ!ehpesO@IcZw7xq0{TSQSWnz%(JHh^Z$#eyIou_z-<;Mz
zrYX^4{w;~#&5Ql8`YGr0->V{-gzsej)!YjD-$Fga|5KPv8PA?lnw@>(@QDRI*r--3
zLyQ8^|HJdqPD6`i;^-)2ZEfu#W^8O+kWUSt1xxxW`@c2bRW4XBEG)Pl#3Uq`RB5EY
zo{-Sg)C^ED1T9DaCsMNEsdD6`q<){@jC~elG(GA?@p+ZglcHAT1uNBWx9Fds&}*)H
z{&(~_vuEc}HR>SNlWxJ}5-%vt<$NPTBY;CZch~eyMl(f;GxfjD`9MB@{_J&kRIhSy
z`T$$gZ}phreQQI+V{dS=H!;@Z?H>?u2ZL59(WYBiDq#)f_2ePj1_3=4t=)0;_xIYO
z)+c*k#563XOxjmu2sxRr1o}SS*##t#@HyT44=ey*9v>a@+OCt;a$H7NxyB7RUJJNXprZdH=W1orZtQQ=&1~AS16%v`W)#m8Dy}kKe4mC89
ze6Fnp#AzwY*L3+DR`O-%Y&?{|!ul!^^qDi<@*6~pol#%pRk+l8X9rjcZtRjZQoB6LBKjmbo2vxBh5mAN2d>+PugP{4`B(Bd>o$eKYGA7Gpjl
zDeu&{-?h?th7B~b=IfmEdtB@_HlunfW_;2h`@MBXBIrUjXp!AAGO#HbMI!8Z=cfzN
za3!NTQ6m6`YU^#9_o@cnb(<^TEL6-eyy>-8Gd(#4jD+6$g#9rB#0{TUuU_qdv!HU*
zhBs&1G>Vx{)aLN%jvGB8;||XSyCCV`A)*#kv&$FvyS7m$1K*Ra*XL2h0pvXSwV&Tg
zPTg56h~O+JxPKJ?NXJ95ArW1obY=%5S>At@^}$%YS$%ZP^ZMkTOt6q7v>I~=AZv=6
z*=n>|ijT)I+UR%A<<^gVwwyC6Oaj_Dd;Ju4qTOV=Jy5i1x?06;Cy}MY3pftPPn)GG
z3DHvMNu>(IAQckGR?KovnnDruWzPB_G6TPwe6hdKGGysm`=h_?=
zg4C)VU)ZIUHE$>DYBxpgb~T2X%BNNH(Jp0fZuPZEdqS5_)3|-)mEc6aj-*!}tY!eP
z@mQK^TrTEtws-FsNynY;9sI{DAZt#Kyl0_a^Ra9|bqT&7Z`sZ{D(tR{M+3dOaM{gz
z?ga;p%bA)L>l10-zlrg#S-=wuf=LP`LLL8*-E{9^P|5$JQcs
zHYr{lHG^(nC%dGzj_I$^7=up|lEP+E^f+eUu;;d#9U-%YDgOX#rWTPGPuejP^E!=`
zYMx8Lj+l4nLJ;NpUtQOq3(#ah`3#QSl{cDN@#~s)K&4pzIH_
zo+-BhD4H=aL@Ic;_g1Q+n1NF{U3-f;rB&;$yEkWvT!(1?E{akVC-jKhGbQSt7kgw_
zA$4|ZLO%CyX2%?7&wWp0Dk`Frrb9BUx9z1~ZuVxO-_ZN`S0JGj$f?Y7tcO~?r6a(_=Bn&J5GlCQqm*S)B-W$u^(Ii4oA0a{3{Etq<-@xLa
zz6g?fj-eRn2V>}fI1O3<7I*E8uT}&iea+jQ1`)vADbi-l@sT9-gSHR@xMGiW8&PBc
zHhSpF71ttsKD$VV;<6$o&|b8_(tHREIa;){jZv#CQ(U53%{P{?dCc~)QA{F$^J7@T
z5U?iglb(;vVL)GXqWB1HPgkh1
znOSpN|F4Y$#iLZ6gtsP1^{``(^YLSB284RI!cC8Sb~9LL&{B&+MG7}PZQaL*`Q%1V
zQN-6qI#Y_CEDPE$PwvU*R{Rlb-bj3B80g-c-4i-{#e7f0zxEqVtuC$>yd_Ilnjs_O
zYWluxsCi0two+l;(x&gXV$Iq+0Rdsyq7s)x2eq)@F$*hCHw(WhIXjzb>&2!L30;r)
zsw{Srgk1&Vjo!5C&b3PKRuQ@!EpqxMxYh%pW7SwcrdKe_H79+qmY`b|L@7W`qjOa%Ncr4mNIm8tBCSTgoK)6>)O@$Z1^>%&Zj
zuToMhDx<~4#m7qFCy>5vkPkbLn=}$O*g<9~q}{_`x#Xu*=ILIowmCxvrK$&&h81MM
zMxwzHp1XT70jM}PD&O_fqX#M1yo#_x7|ss4b&44_CntOJYGs(+j~1I|Xi5T8hT(I#
za0`2@^S4mwOB~~{s|WnfZAqWURPn2&2xeMmZTsec4$1B=#FJuUsEe0E(Rf~8$e0ec
zgu+oh!;-2KeGq$n7~9`wh5Z+E^c>N?3*GFG3W#X1Kb)^hO_i*8nEdqYncdwRIlcrF
za@#hj(E7oX_u$6|$0GBZ;P2wWV@Ff7&EHM^hhfE1wl*+nBQ02*dGIy(E&
z$*SR&E%0*WKd0j_kXVRlqM%@_q0yivuNPWgR)&N4Mu4QgC4KZ88wWdkE)ZzKo?ONL$lNRM*m67tV>4@T)l=16J%{A{?soplcS2m%nS?-FT
z&ealaHIV@&%<+!-{W3CQA)anr+H2fG#9(^3+|^gyrcZCx!8{gtuVf3|*viY_6}qd*
zM1*v;RHQ1d^Qjb!3Z|j1BpSr374(_OeECmfnK3lT+c|7j{#fZql>)Xe)eEQ)j~=%l
zT*P_2M&2H@noJciaf5oUw&Di(xN_Z_i@eN2Y0t7&e6}2`5`KN#c4W|8r{T6)^!T8T
z?k)F4Qqucm5GIC4I$AclPnrKJV&)MA5D2}JPvf$IwOUmbG7PiJgt3FI7i;Ed)a<}9
ziOZ`^7E{M6^#cXh3PB0j5^|T@)1EW{+oJ
zA*%|(Q%8r19xgGpl>{CY$`lkI8$una<<-^3C1pFw+1WN?yxT5DRmF^YsyLzyo2TkF
z1gz~H|Lm7#1-QKM>^+gzf}ARL{Oy&)^YUcTou~SoUZGjh?qy5Ct?Y+oDQc30JDZrn
zMDK+?u$|KNxd7XzUV8(VS!_my!XodJobTJ9BLOinF=k0lPdRs`TX_S#n`+2qJsD-X
zX_tCgy_k~6+SQJVHQpcpO@;yNAoh*%#Co7Iw$yTarn<{S<)K6*^!C7i_EMO
zNJqd=q+qxsmRFg+X0+hC|7rBzKl*Tw`;xEU9&jGrIwwn}OH^6D_S;6wUrM01U=&Qe
zThUxVk?F#cN9H{y0ERe(q$Mh}(0|~lzBe1=af%q-|gYmqKK#52=peH6~{vXO`Fo%E^1Y)`B
z{raZ!P_Y^#!1DgJ1~Lni#jMS%O`oOp1gZ?*4A%jvw~xb%E?Qn)nd)q{nuTap^sL>h
zVo8P33L4G6nppwT$W}W=v-+@6`};a-W8+}nn}S6KD|p-HXcT<7wvs!v#ji!L^C=N^
zz3N$n`QuHYKIHXWEPE%q{YYWnXjjHuh}*}2z%WCJng+>a;7V_^9)Sn@4Q5UG@U$3rXB8LNx>ZQ$O@Xta9yrUF
zxZQDk$YF{*4`7+zEr`3lue!P9N`l;7kuKN-&UUY2MfY#0DwB;%WU4FIX>>9;XU2|-
z9Sy2Igd_IZgV1)_97M!vx`ISiRaG=+{G{na+#o$Yz22zm!J@(`Ne`TQ&XzsT2fh|{RG}<=HMJ`~&V5ZrT--3Y;ccC+wO6e5*8D71
zb&WdAaf5lD2dp7OLo#N$n0_H`rP9JLW|;yyKiE}BJd27p>r|zEMzI}BA1mI&2Z(%l
zJFxB8FV_y=fz^3R_{f)ZQvYJ4Y}4aGHpQk)4JG$AgM7stKWOhI^{KMU%UUh8xF79f
z7sDM@z?{Dz104Fix4rQ?;o4?^CpsYF*h$`>d%@$VuBO)I$op3q(>(l%vMC{@B7H)a
z%3v<$WF8g=N;L>{ZYejGPGj&zb;}gQ
zImTVoZmdL`h4XGm;zbbFv-;hINLb>LgLHD9LkcF6C4oeDhJ_Or8nk6+uR%V?tmexN
z4go$#95f+j_B-5x<@7e4*<2Jfhb$a?06pf*KxMKd{^Pf0LFHz;qm`x~P0#ul?}UF4
z0lhaZbo&aFEi%;y4p68pge{4A@e!yUEkAf!CJeE4Y?5V3c-$&E|6+-+4Ch1P)kJ$I
z=h(?<+=Y66BFcCDQ>n{5LCdiQgRLYU&5krdrtAxMr4%cA>jNELGKV9>f*jhIp?6N8
zLjNni@o4@J`MEDuz7h_M+Rf6^J@&l(rvxtnHCk26GHDi!OD$Hzu0V%P3GkXv4#B%)
zD$ZY=jPa?HGXM`b`+>1+O(t!yfV|6o9+q?j5T|8YPD_gTEY_EOEmWUEwy!JD>
z1DDn8;^=U0k~FcJL~??1h^V5=j3repAA&llO@ch8nA9C!O@-piT*B898S)}EOQ_lY
z;7!rfcxjjt{W}7}oc2nq-o8y&1GSG}@|Trm;nXT7LvYY3Kcce1Y%0(Pnum?ddVW1Lm4YzDZ!ktzb+HC0%#4Eo}1qvMa*$`C|EaWU4xR}`V?1*k`GG5dLDyk
zG^^pzR_ImnbzhFJwKJ~__39K|uK4@C8372zIY_xI*x}UwY9x)-=f2@tOayTw6Dv+=
z80J{{fepo7v5mnHd|VOjh}HfEv0NP8&CtuIpQv$zzYo
zPc0xfcIE+V5V~~2s#%y|I+(+%X%|RyQfLTQY)RW)Q$HYe-o$GNs+8kkVjqeE_}578l|U#L2LL$K9<9Z8Xcdr*f-b*!H&Z)SGo`noW|+8Q1hj|j^wR|
z#%o>~wZn^?m1o&p-`3HqBBE7SGT9wFeti)O2J>~Q#ewd>O9mf=ygX~I4LLty)?+D&nSyBo-#G;2p4)?pvH5narv8z9G!weP%&GX@VLT7
z15sP^`cU3ytK}DtW4>>R8hC%DwW?7G9iN
z=nr{_N;7|Mn)~Gk#7#&+0`*F~M=`@V626hE+YELYP^I+UyHj)YBVo*wfBJOCw0H+O
z`;s%=(c$0V)0(Qd?959~&%Uwq*s1@(V;&MUglr{uWB=8|amK;O%ZxPi`@8tx2!zG6
zzkb+!88tG=-|iqHO?w)iCr&b0yn_FX1#0!iDY*QlR6N2J_F=YJvVL{x;Td3(qkG)!
z0!o~;M!SP1Ix!%n%8q$k8+=Q}C5;PoDce|Zw8z~kWC%(E^OEvg3PoMRaRh5)Lho3A`>A%
zuR$GNk_V0ATmJ6h0wD48yP3CYX_;vaF6+w+nZtJ5C-M@&I>Q`eTb+4u)Jxr1K?vDyY)aOd|SC1vr)$KLZSKmwCxON8}I^phJ8qO*;G_+uU
zuht8-o?VKQe_Nke|5SS8);2>>W#UvpSI8J>;2n(1p@^eVc8lziQd8};a)K#&)%fPN+FlIKfxYG<(k)&O8%0c@Ic8zU6SXh-
z69$#iDBfe&l$Bc&z%f-?&dT@u6zvZ#p4ShFYm1BNgoHk~XHyk?Q9=ZRAJga+%JtuD
z>bso$7?F9uwVc-whUcYVr&|ely2^q2UYjIU5$1-4s#N?iR;5LSH&M_qm-;AM$QT-q
z8qw(OetNiYUY~)NoNZhrQvK|{N^6MPc~y3;zoj9@Er`CCQ3t12?_nXRx&4F@(Ei}}
zCQq2v>Kfp!dO4I>s4hifuAyqWSC(d0Kepf`6iHDMuEp9v1vt&DkxBRhwZ8ZKOxs!K
z#s)N#J7a2T|G6zP+J0+dR{Fllf}lWD#P^_T&-qej%qPE
z>N(Wo8zO2LyDV$oMOF(d%4l%jzqzAdVfQ@M(uaO5pEY2ejqh{QZ%~O&a^t3x&L!_n
zaF`=BH68O;b(I|eM5U)87y=nJd_(gCm`s^NE;G12uevT*sn~(i72<#KT4n$Za(;us
zXv?FSh#exiqi#K08rW=2aQ1l9H$s=hiMyG7|N6&qMsSvp>+wY~+oeiKAdSXc1%{eU=8zzALk$Wp%+ENahdshoqEktF;yoIg`nGWcD_x+JX^)xG)l6%!G
zV}zCYlLL!<0FC7DBbb2|#LcEC3-+dC%RJ^+f{y+}6jr#StsQ}kKH+PDRlt5l{CnN3
z8Iwu{mx%d2$M4CDOtqbZ{t?~jyc&HTboP%yS>c<>GWLVYh*#m^?Zw&x6v
zs2N4+$TqeFv6M2B7*}`-NcN4`bgFB_Ex1|O<-C#TcfIKehG0QK5z=Xd`_t{5c3eID
zn`@i9eAT-$?l2}b;1F|s%U)}l(4E_H%y{?k-ACw=rYVK3?J<{m83q|xi`8H{7JCkC
zyF`+#^S;h=D2f=~Mi7r~9LY;S(ut&bW4RF^+wTP7028WBhaj!ppUAdPy_~~SJXm$!
z$4L$=Mj7UF#mCmSsY)?0CB=~mT9irtb`^e8XA!(IS52&}8FRqV0I66pwQkFxc~_vj
z+z8cBRz3?~_bwobq#PN!Ia;+8bV|s2x*SJg(5l<#vsy~clfY0rr
z$!I8ld@-S~rNIA|=q+pY5{uYu7RQq1Ol9=fK*!mOBeoH__J{|`(kADdX(6brK*IHX
z9~?^5nv_DDkoRxnb~y*>lhOiGUv{gz(fFSLfTY6e9;xHEqo(sl(UMI)zgyA4C_;Xl
zQgtlEhA#?r8bj!)q#q%lBU6$ZtP6HK(*_+1=b|#(Xn@sQ1EnIuSIKVFS552huT0EZiHaTAp
z7;8QBy3%d+Yl!N3BSdaXR!z58(UJu{2NQa>I%WWUi~>|__KEerC6@yc^{>1TE{{G!
z-o?voj2-xhsq29o+Uj5pMJBaxp03*Tn3`<`JdZp2sPI4$CONB9yA=_N3RkK8&Iff6
z6L)nQ7(Uc{vu{0ONtBnMD^N7#d8Z|S@f<5o3vG6`1o?pKY?nTkd4ovs9KUV^5EKG(Hj^C;0M_h3TF
zwvfs(UelQa%_TEdD_#Y11%N@8n~@P&b-P$(EblJ{lTg6F0t{h;6JN$vz#l?FmLq(QJgu}Fz8(AawAoUix>Up80{
z-_Ku_M8UHt;stOpTrp?0v)2p>>4^?2UcoN4`HGFs>1ZsGW@BI4xJszS2|kDS3Yk!7
zj`#tFV5D7;R8C8c^?HkqbnR_}pZ8+=P!&dkXOm*s`WI2c94if4(AZceuP;OYH#`{%
zqtVioX6)f}1;*Q)1-Y|=H*c4JwhG_hd4eCz?q82Z-rkT>VD#_ktO&Rr(mPUHl6&0m
zmY~(k4z8n)p+GvY11H;Bnm|($cEb4XMo%@+cG8CaelYYTlp5L!5Xg!aKPIi&5eOea
z?gdk$B3AumyElaS?i`gP9Kk{DC3hjW|?
zI|(QUIkdQR_u@J>Prr!)8}}tY^zL
zyAw&|X-e_W5nK>W;{r}Az@$6?p?%)a<|*xnCh_8Yx6vAh67u0N?^*QsfSLlC=t{te
z{uB3`Qa&f=U3brJ14NgT0~Z@SMCVv}U0;HBj=)i7X*mVFcs!c*Qnq*a%HpSYS+%u8TNJcfdSqIqZWd0$jf1ID53AOkbySE
zeNYX>m54^7HJBl5?Eb8gUlvL)bwIP=~D@+SS{b^xdam!|sBubyyeM
zr(aFIXm`Mov1iR6GYtp{5Oz?Huv~JOv>?n`Xf(g||8!RDJrYv(;Cs~WIJe3<1%IWn
zWmOk%ojN_o((Qv(&+c^{=#F<59!O^54z-v=9vI%ufvCIL%Gc0#nU3P8eJXbs1vhUl
zxPLQG*mn?3@pVyqk}hE=4eWijUFofg4b}Tdzlh+3$$no*Z
zS*)w(^n}Qf&oRHLYmVsaZNh?W@_1Ghc;NZx&#@@YOTXvm2U2twFVou}ejgKSyO5wF
z$|fS7aVtU~Nebo443Mt*8!P5J(o9wxwakR*pbDa9k9uh}_FoGfttneKNbcaG4TU6X
z;Rqd&8FZ{n8%EsvHUS;dN@=Y)XUgYV8bR;=NhF(e}OU>j!SVhY3aT>$`{USbu!{gT{
z3*=$;R5NFVYkCfyMrJJy`{Fkl+}-FhG)3`Qf?qUN(>Jfg`qq9aQy;hb!0go
zzuu5&x`U?O$Kh&j@Mx|e!p}69ob#&?IWEHY5O)#UM*zF_TT8;j1dGxZV!w1zu;LXlKGbFVJ
zk}7%|aI|-Fyn?G=^_HvkoMZ?mu7H`Dl3RYcC(;{iytEM&mDV(+PlLn5EKzZI);SPR
z)VGCwBw_uUH@2U|^3owV4Skr2k0bjb95sK;S30ZK49l8Ji4)LMcVpB3SiW|sQpps4
zg}2>+oUc_<#0=h?pTS@}xIZNIO)jEf)b5YadG~5+TJEl3KOH2xhtuTpx#To>WH$D4
z(=$VXdXBEMbrA?IeOqn9YbF;~zG}=H%WSn|d6J3Rl|BjVOWNb;4Y_k5GT%4D~h
z$dqBo*g8W#Y~++j!chza+b>jqVy9S@{T`DaA&TSSc>E&H5s&GY5RA~>fx&Bn;S
zuT|^9ZM8G(cQ_BtWvMclp!fgFl9wmsc%uH!a-7uY2?#`g8`
z?b}Cnglk65mnlh1U>l}CvO>{VyuDN1{T3;I!0%#}%OPvVI-OTaV5XmsOKTg-aSmU9
z)7Cwy`(+%oaZt?`#!ZVjI@`t+T#j1x)KMDGk>q08JYKP!NokE-R5{dUkXZV1?a^*q
z-rj-YU*M8Rpem@k$^K>*!oB*lzx4PtyXvo`k
zDF~t#HJA%80lt=;^m94$-#;AA*$FRTGKH^RLZXiNn6r*}50apgr7dp=1~IhPa<==$
z`k2qsmv4fPGkL$I4Q4CPbIVJg;$lvl$!Rd~KbK$O
z18ni6Y`V6pgnd^%cOsP|sLuutxsE*D$4(EI>Y<%!yuZ&R&75_7$jj?yi(jr4wJaW`
zVbI+8g{Kh5Zqmo6YKf)^x*AlF0nOYz6!w?B2K@He?c*xZR95Y{%q2f-PR8^S^GBrd
zo0&Yhlr4=47=dsqh)yA=pQ#Kvu=$Qt^+r=+SwvsRqIft8-NSrP=0+fAs^|E3>^6yq
zMS{;ea`WSsg-m@;h!1_S|1Zw&3kXWSXnsA`?au&}rKidMsVR`zFgi$qvSWFbm#?t9
z0Zz66Rmb_7{(AlhO)QNIvdL>^+deT2Dya>6RG}VO=nIfn`pse4@w-tLS1}pHQ=s&X
zjmrsx%G^eNXUk`;mV~Ew3NRKfLIFRz>XuYimol1oP)fDZZp~}nmyQoCEEg)N!OZpa
z(QUgn>{}(wkJ+WUxObjd?zN)6ylJ|;evcF5?9ufLr@2ExvEoqZ?rUxeCQl3WH=OK_
ze0n`&CK<;}dvL55ZGW=8yLLbB!_L@gI&aNV_8>osQ(z`BZ}}xnYk|80iIDM4Cv9t$
zL8DPZ>L4MFOp9deaph9$oQz!ZJB_?h~DDZEbV0L)LF{W`5DjoG0sGhDW6*GnU$AS;TB>rA@dq
z&8yPl&`0QLXJR=EMKi)-78z^fF-CtGZ3b+1U80g0#`Wt7Lm_x$a=Nl-_}=LPAAXQ+Z^oV}M>04z*mWq)4I3
zy%WsxAte8UWke*MFnRnI*NjC8Z`IrYFO1(8gmtkZ<Kf;20BZDO4mZTDuoO=&f
z`T>xVj#nfi^MFU6Sk?7*5z3bY=jzFd^n}U%N*FZa{7lYeb$^jzU$Q%@q8Ky
z5+|PHP8_HJ-`cs?X7H$L$;wrnR$+yFIUzo!WoBKZNO}l1U5gi+-z(Nz+X`
zSn>VT&w8fJo3cy$;?rwUq))<^0R_5UdV2<)M?iRK$}r}5l3nYL@K0Jcl?$b&)xkp!
zuJCe!UKCLPRU!KLt9wa3W4p={`A{1rX(K{PX#9$X$gK&kOOIadjsT5X?sNo}&h
zTOeFPL6D6xRMGacBj&MUak-Lc@S+|&k%nQ|A{!rGq!%cDnBKX?VY+R+5~s9Qt$$Hv
zS)X)ER?u(&0buh(B^kjAEXV9`BpHBi_LsV)w235ogM3PWk`F+Fyd+SM$4Syv%Wq|I
zA}CWE8Ic+rDe}u?IipK1%$|hQ;?H4_2;eB&kjv!(c|E7GWnjQrOI1-*85w~>t&-aM
zFyU;&oIF3tz-r8w5hV=qEO7tjx9o9-ii_#{9kvrhE9L_F2aLD0z4S0X(YgzeFeW`e
zIHy`zQ*=Ij3on42zZ?N+_NLH@qe7M1Spcj=aR-4~znsnL8h_LE*(YyNs^KytW5`X^WZi~JWuyhmg5
zsHu9J$H~oob#?Vz(R$!LI%gQ%tMxzm>q?xVqffycC76EBz1xn2hWVY8>ADePvgtLi
z=c^+LK863u!^eM-?p@$ae~BLWM{dD{fft4dGv5
zKCov}9>#=at#Z-V$Bzc@pZju;_Lqdv?x{o@6TIidcOt$$_1!RB0(j2-rw{)3$09kO
zN&NpkZUFFIG(@0BoE8T;Xu-Npt89FIr24=1N$LKPFpVPv}U?YjBkrFLe#@M4vXboHO6{WSfz^T8<&d-@|PVrvS*B=WrM7#
zn`M-YK)ccNj2^9H#@=~!W7gyQ5f!_x--twuW-J?ZY@hk6Ha1L@FH2^IHcy9!hYer6
zm5Gpe{kp?oEQ{>V*qq(%qy#xG=KDVirHu73{7}boRhMhzICXO@CnC97+12-bPyy}e
zx9^{>7FQwSpWgL}!G?MD%UHfNn%s2f)gzuZqLOCuy
z*5Ar}s+iMe#NB)0{U-Z$EPOy`%xlr-7f(X|8N$y1Gu)xU&Kr_pyAo7Wvs+bvf2G+~
zot6I02#i9ztH@Diqbd+fR!eFs0~O-=&T7_2!Y2KqB(r=S{ne+Xc5i|50g1PhX=^^W
z6`YtZjZWX@=V3<`rf+yuD)7*AoTRp}?SV>Xv12USpRi)pk48KMq|IDo0&GtVfkS_&
zrUNBC&!ZMT97Hl~o21$v8hlZRoWD0)Ec|qtMH2>DyDwa0uaqu?Q_r9y2X^~DHq-XW
z?Lj%8jyL7M(3^3E7~YLz_@=t9rg*fPd*#Tj^1m1&IZ4t($UJklw^2*-<@;fSN9VHh
zPtEivhcG2Qx(f|Ah5+^YiDP#IS!c(Lv^3r<>i7a(@Aey?c|)@UOjK=npC$KBPBR(o
ziTjGDdd5zf_ZvRyq86<0r!6^?H{vEBm&aH`rPwNuJL{)UkMO>2r$&PNs-H(t!X7tH
z1{HtMO!IL3djkN+%`_(+&^pk~LFs>*8+;*7M%CG9>qCBLA*#vVu#XoPxy`E*WiZcs
z5o`*)+S=X5p
zBaTy2xCRFIw+mmtlQB5IAsbu1)ex8EZ`nSrfNFPqCqXVmBi91(D2Ai_-L2W_GpY9UV~%n7_08}p0-;y#fSZ$7SpC{Vo_C?b(V{bi%geJ0
z2v>J6Geu2m6H(?FqSJ2Gpy7R*WX_#9FvzvIWFV(={HHv1qp&l#a*<8
zO`4nAJy6qHz8hK>Pkrpx-Mtycc250tffwZqll=cREWt3my(~l^`I8X7e1=L<%Yu4X
zIud^z^G??2vjgG}PaXYIy6dBVH5E8nT>wcER)jehkaSks*vCa;M_Hl4*RH0B=Z0H6
z9VJ-cYJZH!%2VGr)0T!XoI={Q_c8b$1I
z@g+5M=#=lk`~nK|yAz@Zzpm(Rj@zq!Ve`E})wFCPK7cN(B}exw>Tu$j3cL2l*OK5h
z@1U|`7&4RUMB9EG^{6ndpRN4t4~sZzc`d^CM3t6{*U}6Mp#-$cv2hGE5u}0;T#)Uc
z*dM>Kh6QGfhma2mt>M=nG2b-xd*x`E*tf+@n7dC(T1sRNAGy{nsn8&_1d39Ja+ZA
z;+Yn?Fltj$fyg3D%g-!J`Ljn~K;ZFu^kOL3?q#ducEXdp+kNY>X}&zqCMgNYlOxX1
zaz})4>ucc4$GvOtCaJJ>)7Ondw37<&*C|j`blH>R$HspB$HzipUiiBu&na)m>~`2;
zdGzfR>Epq`WB1cT3kSSQgygS~^Ml8mHR9K9_rkkRB)(4uXLTo%$Zf1!k^@h^-jl-|
zyRo{I9OxcscP#f$I|~AH2wjZgW>4_mkNPmVZODzI%Ckq@f^~pUwrzGQ`c*J`)xV28
z0(9ejsc+a4@{oHC+7B(|yD?Pv)G-Fvf;xN%d;QAP{ZUPLjtA#P6PiaK)@&h7lUNEWxGcWq#B6%k7r!eH1QJpJ_}9`s?&H<)Ef`)fYi%oe;g
z5!`F{`@-%+wswE5F@AUXyjtnxeTXC%&AD)@vYO-xrNv!4waKNvw*YLJ36mbJn85aI
zMi7wNik4z0$CG$KgdY9*@-{5EKgwI8=I;3DsdlBoWcZ*l%+C0v+qLVf06dheo$G7T
z{7UzS_Tfk#GlD;$#V0@jq*RV%7LGO|n64B
      %nou;v@}I;ErwKMUHBq^b&A$Jt<3
z87iGn9k?jzk_o7ObJA@EhoPGTP8kubDnF|i@?YrYr)c!Qzg+`-5}|$hPz%h=@_JAR
z!zJdcw>mq{^1P9VwfiK%1-$!N%S|NKptR9ia@P#4vz={pFM;}G)VF?yE!I)CGUizG
zK43WwA0OWa1o!&}ANm?U3@K{`OtcH8qnS)a^X!42wM*R&^)v_&);AQMtW1H34Q;?w
z9x`lJx_*{F`JqOso%<8xqoXU{hK^jGBon7YM#v2#DYbE*s<_vEct7Hz-Viyi>SB&K
z?JP^CRqayjohOl!whbZ%o~;Ob+>dUuJdqI5w63{WR1c!u8xTEJ%v4K4g%TO99?YVI
zYmiGkZp(w8vDWxczs+__ovblIPuSu0L*;1>k=ay?Dnna?iQ^o4#@)s7l~ubqo3i8;
z#nzn-WTDi%ow-bsQQ-O~(oCmDN{x*OG>hN$c)7}GxI!qs4vGc#`MuGfemI$9R4?S+
zRCoQDgc*hmsn?KJ!Mn1UYm}W6T4}DgU9ENo8S3F-lYIRBoN%Xcww|i>1h48g*WDJG
z1aobISA4Edsy;H98>DfqcwFtz)LNaJ%I{<}9eIgmIC8*SFh6j>kNZ
z3)~6DuZJfX=6{H9!&lV{Sw_P&A+L2%Br>yBIu4RFGhZlEhJMYogI_aJlX?fd)iIq3
zuv%8rwkgCe;y0R)+T^Y;ge`+Wov%!tU?q3SQpqJ%CY=*cUklT2
z(Nob&RH{q0g$WS4qTbZNe8F)vbPC8|`JmFev_mw{;_J>RWGZfB&Wod#;1=r#T5+bw
zXQpxY=iM@-5Ant--{Qie5_t^go1S*pPj?GYND~B>iY)ZI$3geV#1`vJj`UAQ?cf-v
z^??SK9Oy3~Z1-j0+3UAPQE+%VhbkYF(hH-!!bnypz6>{ht{Xz1e@N$c|Fdm47ESej
z=0t(GbFqOe%)}Slgu;;{m1~qNk;`+no@?Gh+_6}8;KPefeJwd-L5~aU<;An>#$ur3E&>zV2nrQfCsxlXZLKcALw!1pD&w!Q
zTgyQw=Kn}#7wok;r_tYtghj|5CJ?hO)zpEJg5fPp>NTwy@LlQg8Elk|on9)0IeJrfM<30uIusz0I~j6dL
z%Np)Og8M6tj1%d7`nmO;TXc67SPc*S+CA<~)}5pxHfs~lrRXupsUx@Nn8-TmZ34Y$k9
zpZuoV3e^)F)!f3pqyc2w?4mrhO_&oUs3C({)_
z^8kJJ<41btr1iAcNEbHjN8tdoa+>&Eb(i3mkGEj%HLuMG;hAlgr|awCinc>OCh>1}
z{_r{X&v4VM8$jYs+Wx^3M))j)d#3})1UAibFEgw;&k!wI<-J9bvPGq_!z;&_V~)>4
z75d#G_fiyzCUDfF0@AXsLdZPY?!rDqa#zSE~Ji+~-ccecT>f^nWHcaX{`V?7ABF7S7f()cCP42Y3Wp
z#GcS1kCzzkyk-p*8i#AAssZg@mzz0xl97#gf@x2iph3sVnI7FWpNXqm;1L$Tr}w>2
z^Cc@mjxH?#8pYZL+F#Qe^{%l9`n|Sz`dC<24$`|&UU=T0Y@|_5m~aMT^BlD*SG&vj
zO^)AuUM%33Q>%4Rq2y?mQKg^gFu=7s>iOOBjAM1)i3(Yl%%+X1F$`?8NXBCH#WCDA
zx1Jj0ZoP+6%qG{Zm}JQ9H2tJ=R-)C9PGX6FgV|P2yd}po9Qfd9l;ryi9ab11K6Di{
z@glPPogDyXy!jF82o#z8uIxH2SkT!s7V{FIJfCO=6d~pBkA&k!r#qj{63n626A8RR{S{j
zI@zKkstA`j7c*l-*Sh%s`1Mtd%oZMoIhuF?|ZMcu614OUiT>CQY0`>tuG6X#ABWrq6`b?KtsxY
zYj7aFbT%9~3OXpEha@6WJWQJoQ}Q^L6>kafYy4FuU$}L5reB+RJj74C!H8lk
zk;-W+5p?0%q~H2n8v^7l&)#*`EA|!3(nJdBZm_JcI&!A5vVOIY4jhQ`tskeu{a7nu
z{5gq5vTwm;vU=(&vT;dGBBs;i4%T;yL0@v1Pg|DYi@?PYd+)gP=JS2y
zZfoF`NDmh)!f&V9R|iGJz+A(C4^AjFtG?}ysg24f=UFCQm>G=BIX6s%r*
zIA7s0U#6=`L3g}1Wm#FNaF{r~zqEAGDDEW;d*?T2p8PPv7ib}BFT;2m9~necL=ACm
zYQAzRn!2N&jJ+g(xjk7e*bpZnpD2r$Q
z89alFdpGZ4L+PR}D1g`EzCN7FBZ&YFo4xK`S~MFkHjZS~c6af3-Q(tRzS!2g*kHMJ
z5j!p%w*SFm({~Kl3;P5>(c!D^G^Tce9=4xF!|!($sS?1SXm=w_)HBwm$@J+tJq)(5NvBJ>t?vqW
zYDs{xgWYwhysu1jobG~PX4m7%w+roSd_kv&+ACh)WiYA-${&u8t_-wd!?>=gw-c6@
zWgc0D{!giF+v9wfbGsHwAIh!JZw`~we-}x(pS^u*67A%1-g4+nQe(tK?r}WCZoReA
z9$}z#D(zO>xI_k(TQ@Q??ntvbzevW6h(WVS6cMR8Xd276-#jbvcGti1*ds$oSYIN#utm=8@2XnW%%Q*?YlkMZ7h*-AVnPkgN
zO|Mq-#bHuNyj`laJ>alYN8ii52@x{e_DNySaoCI%sP2_}t3Z!TNmn}RCsu%FbfvDY
zo;)b;bS!l_xNNMP|HIYTqKvOY{;gaj+I#KUr+liIN`3KrlS_2^)1}FL)L4NPO!TCr
zTPscFZDU0P+(Vwe)nCm!zC2g*_l=5=iHcG#rGd+dE(!|^ds^Pb5ux^sjhU3Rux?DI
zbV03?-jAP|>9mf@E;%V&t@?fi%|W=yo~4;a3k^yJL2_U8*T~ojD+r2zhW|>etxtP2
z#3T0_ef%ZkZjoqg#n~jNd^#LmA%=aB_Ute}ljr)7=mvqLOO%dUy3@GZn5f>JsuSTX
z*pU-5JXQ0&i%~Wr%6=7af0fe>krx`t4_i7Oj3=_1aP_YQ!LAU^Mgw_LNnkAUkgB)6KPq$*WhrT35QOY%{c`1
zD!v(`!nQAoveslwpb@+IW_F_plSo^Y@endl9n@(lI={f_Lx^bHx&O4i+~d$MAg*Hp
zScI)byt^XS7=(haM;0={@k+@f~B@Rd3n|}TTeX_
zrSZXbctmt!wvypGq3+$rRHAu77uUUjd(y6Og4z#${8o(c6uKMRhx*;&$yGzzS3SEQ
zK+pE8A`Ry2%9}VPd5|e^kbKR%4&AR@(@?lXiW|PIN;IP4YlE4k!@g8ZS@gLY&j#D@
z+n<~=3ZnD5(W*OI|0DrOfEliPfbKOlxbLKc&GLOay_Uv|x0-2i-0SNl?ICf$y*cq`
zW?iv7(dtKkZdCWea9!%vFE-&r``3NrY3q_P_CrxO1(<^ONoh+_`sY{XrHS@6hYL+s
zqh&cq`sk6;Zl%M84di4|3;bFS6I>gN0;c-fH>14X#MX`>-4~(&0iq0VD=K9qhd1*p
zPac%2c{JS8==e6ODDw`d`oZbR%q-%0?Vu40eldcnR#I348|L(S%&2aEvbzT-LvUeX
zG3CPa-rc3}e$l0*)^S&Bx|_$O=~7?=HfO40Xpj8RP!PuqYj+tP-9jD?WMEhbRMOp
zywk4ctyQ7G3M-RvoU4Z8m(0=`5!CUt=(LV_14h+~pB)?Yry=WlMfiW1kjUZP14@sv5=sme|28@tjO
zzM#4+N$_fDgcI4qg>bTV$Gu*X=Dl8?@l@}i9EK9mbIJRpm0Ku1koKOJhG7Un_q?xu
zXz$+{*CybBX4O^?cLL#Scr8*+=SH0Ky)kqr#6OXV6}M(h@sC=5&=Nq|=q;DIP?IXW
zu@#R_@%Q9eye6ODxRWio;$JqizVw_HFwKpNJ*aj$p@7ZOqPd)gJCPctH9NqdJjmA0
zaF};CHcdEvn%?I}S2x>tbONqMhx80duD*_?s!zU%8`q$kJ?JnIFFE5?pB_mnQ$RkQ
zBaGfUFLhS~bd86;_X$@R-|$&ycLTtof5KpQD_6pASbyibq%s^Hkr`(T+9^7yXlFr
zNV%-OVC`M9_O=fIo3s|e4o_{m9tmT)u2zp^El%=08~pL}3fCFU89BR4r(C6I4p#C0
z4a=*Wed~vOE}u~Y?0i(N%$ddf#&Ukwh)Wqix8_=ooWW6usxpdn);FbQ(xi>pv%EC<
zwS0j@XN!fOqsBxF!RpE>(~h0p&Nm|yUi?9E7N?w^dP}~sTj{qhL54Ha7v^m#X}a?3
zrRf}FdrpTFC|hg&pA}yRSR}Fz997{C``ZpacS}0mwBRk;Rq-Yauc2}@S
zo4ShXA>yB-xhcZ%S)BTQ61RAadZ|se8+V)J9s^S~OIGaa1x%Y{XU;UDiViodFp~M7
z3Z9ZZpCTp`<2b7%Exi;h)Iz=X2<~^^FLpBo#jC3pyPYitsD(?s@b9leV|kb}P*hz1
zbk*4R#c_m@HmzfNL}Hfl;6PMsY{{c^QIzH}qMUqtfy@+*5i`crfsTs$av51yRn$sO
z4ug=y7icQ7N>xE5Pre>Jfj%2KFh5@f85pBjsy2#J!p_Rh&N7Dl;$XD6m)8@1QIrPP#>5}O*A0*Ox2RNAx)ocJDdTu9c%iO3O}
z6t5~!GecP*&J+`aAwN!)eP~)|R|!Ctj_~6T@Z<5ht*s1qiCgPmB
zt0Zb4tQSwlg|2n?Hmx^#rJfeW-cxT5ldw8Xlm{SY|LkfSEfuZQP21ZXOrE&SeJ5+E
zcDP}<+B!?ZT0!VPz4SLgv
ztJDG^9r5;o%khpk(Y3M|pGwE^^!@BGXDYJUdd*jtBiN98UQ;=ccfV;10nw3+LSF>B
zgU?5e<7y5$%;qPB)@EO7)(_wF^Ks$U(4R(9HI{qcewBq+x?Z&BnVic)YK4PqrkE;K
zIV4(XWEqxoYF@)#@ZU#&gX=Dd-)M3Zj=87qytr*rr?vpwQZ+v0%Tsi%ckl0Y-oFgA
zvwsi&lGfz@x=w>Y*1^j)IqDStkl9@&S+R8}ZWpqq?=H!)J)0%U42FdNoXO{FKVaMx8*r9ksf8!JCsewZU}qM3Px6%gH#S0rn$N{~Cm;nMG#OHO^b974)_Ntd2p
zv-v%b+;t{wG=2t6n$Bt>Vb~pJ=P+ewElI#mH?i1U6sgUne_s*WeKDxHX$ce6(3mmZ
zT>LD;rfcMWvD*l`Xw6gviQmuhC5Bb=rL0Q7o9LbQQxU47R_Wb-?p1eNFGg
z^%0td()6u2Ud*7a!=HKS#=^rhLSyLsLTl0*9{m*q>1&SulbB8_nQdJvMX{~aCrauE3=b&^bgq)Oz1*5$
zbIFOulaP>*G9G(1>AAMbT2No&yBNg5keJtsQ%OLtYC9Y|__-xAO1T|fMg|Ot
z1Jl<$4fLF;*0lA_9*bUhy6i0(!^?)P5=Nsrz3@{@%lM8Q%$&~CguMov8u-BXBH1Ol
zu?m8j96RRvzgt&HK*|+%R827^U5${0Rn0DOAn>PX%zCA1#|dFCoi16Q&k$0s#54C_
zqb>G`V1gkI?@(a3Ee|(q+B$qdPI$J}zb``aQs9pa!)}EmmL2gyz^U44EtM&FHjnY!
zu;&zd4=yFzsWq1IQ7lSHJOfCrsh5N7+8}a*m4iLq@gZ(PFZkk)meC6j&0Dmdt~-qi
zg3~;_YpdTChR5ZKF1TU=H~6FG+-FI1yUa9@ms&UypZV&OOK;|-9KOC(F)=Hu7n{j(
zIhRh-ZkRoDxAnSjM!^i%7CJt&(XX@Wc*5EvC5mU^1iVHAU!mQHZ9hB_WQ&&8SJqX!
z!tkArgyAH3*;dzcP|(vSLO5&Rfd#3=7nTmDh%s}9-Ug-AgZ8Suz+0Do!R2lr_tL%1
zSUvh?X}sV|V}<@a@dx0EU)YFcCK5)jd2U9c6c)2G6c$Y7pD_i0$t(8!R$8UarcKmU
zr%3ZISL78y5g$b4_|b4iOaG)uZDIbs6W&}bN
z&ZLjL74lEVkT7Sl+qH;>rVYGJH!$;xL0&v@yF#s8|LfqRv4Cico)4<#memok?O$k3
zy=}2OwV%pag_&@dXjBPg5?I?Hs=P6E*pv-D-m4cXO
z2_^AJAho1Pw}%&9Un{S@
z5CV#gn-=x17mcGLyT0vbB+qhimW!dvPLj=YhiUteDIo|Tc4GKTB50bcWrs{cc}_DBA`NY2d;>fEPF(}Wmld~uze@;
zN>Rza`XiPaO}!#by)0P-eLTN2s(4aQl=c8-8%-eASA~lk`lzin!x!0SU(&TZNQXBG
zFz8d8OdlG#9$(K}$1>Zo_Pa)OLLU3@ckd$Go(oBO?Qdidi0*QdTrs1Z`VYI2@Zl$@
zW;+>iFe)1@qMe*`y6*m>eE9rKx8ySlm+jBJj$nD&`q<4cEgX`u#yDc@EStd9$V?`p
zvk~bPmgwEYyml`F#p%dnYU$ntbm}UXY$z6FsFUKnph`d*eGL*If^G%{eu?W()y{^L
zk6X>Z5T$*m{ZytOdZ~@_Rfz9)pvR=u)kwBn{M?Kq5)SwqoiiJPw+;kJ+T%AR4j8*LJnQq^8H}9a9Y&
zY>OI+e6aKn4>0&?gl=?n5yL|}MQIRHuYUqjCD{isxa8yejVwfjFDK#X=qf2^q1{qJ
zamwP@Vj!;EPf}n^|3-hS%Gi)-W@Eb8KJD$1FONkzpcjV4VAko&<&_v+QEn#F!U$9z
z_Y;GU9w9w6^er|+Y;>HvUEwOtT?)i&wO)h43ESo(=m%W3v?~`AF^E!HTk1$4=83tz
z?ZIRyMUxacLsoTHn?LoW`;vr2Bd+J{5+8wvLZa7x#|~4qJopsAh3>p0oO(kkFNO@z#eSEj%&A{{+umTRpvC3uT{X+^Ve
z4I!0X-o(1%S0Pr!JS5a>>afD_wy|tmp&ls^!xocX5KL{IhE5Ou%(G=LD*S2!uhvgL
zx`I^T(CF0Vdd2+`A=WNI`6bC$gX2WeclWrV%ecW_LBpMsAG^cXj4KVtew}(bpY-H*
z{K|HQe~Mv1ZnO;bLALw#iGTY17Y1)B85en!ho+BzG*@fDI8Tcyr~>0
z#YZp90*~A*@A&iwVk=6)VHs;TyCy$;1e<4%@-OC=0?iT8`0Vy|PVS%*Z3Cyd)-lT4
z5-hgy(w0lEKUB=Y$d^myt`Ftoyem62;rex3&jK-Ad-`9AEl$L2sS2B~98g1T%irxv5EQB(i7YBv;K~juY0b#~Jd|&O$)^l13tVm4^L%wCN`3OMu1?Y@&2}udAB;HuWvKpeR_JScA*OCJ&s$i_BfWrZ+aA-7c*1S5G_PWX)I8%+kf2t6a{(gHu4$P
z*KE_)?j{fY(-RCSB9sB_mJul0-{bFUrH3EcnB5MEPm=+^caG?ruS(H7xjwZ-*te{f{GVdrVKlv)&#!@kPTVs{3lHgF@s{+>7Uy3~5pcMK#0Fb7`z
zP+EjUC@TBw6p+toVT>SM8poPF4`=CN{@X|Q{{cDY`&HSKlb$!EOzf2}6b+rcqV6~p
zh1`BMiCGqd`G9T|Q=NG#NzD&l=1z60?;?E3%h+
zL;T)a-Swa^XSp(JFf9=8XoYcmM~LSTknVk;K1CP@jW%d714C(&OiR+
z8lAW!xfargo@Wxa>JS#SC!%lL$J^e=uC*Dxv)FUKF`}8ml);{=+hFj6ErVuMEd}}M
zLFW#mV|;@jja2go9Exe=GFsqz1TqZ*M0>z7K0Hq^P~s&ng(oR-6lCZU57EFv|5yz6zpiqCgC@Uioh}tIqUgLvyQ`$S0|6ln80_e-Hx;=nY*fWANm
z0o#ER?T`!^Ik>=RK-5(Lvbdf?5JbXBRg`xvP1|i?=T`!AsY;5JB=V3RQ-VaCy;W4M
zp8(Q-908mNTLw&dVul2gRwS+f@5n8!e|4R4#%WZub+=NI*}7^#9CI;?uy@kb^?9v)
z;-Vqtis!#FPzj%Zf?RUUAtbKVGqqX`u5UL(+>6aQW`byG=n!$+cLjX_LYT&%xN@x3T^ZA!oYEq;`bs#>2NDrw=0tx9%;
z`F7YClTx6Hz`Yz@Db7isuEICfzJhO`3kqFgqw!6{KarKhA=g>-)I5BLsDt8OxUO3h
z5dHUC{AQr3GF4((NuKUCZq=dWtEQyXr&GahhG##XZ~<$&8?8M+OckZUtw@X&P?Z$A
z2R+E=4nH@FLo&e7;)scIrDvi`R*XuA3^3>jvI@GL)RJ%bv2K}rq&@+8vMY4rK8+-irzPV&^mNq7RC>gnw`)Zzgh#<9GG
zCvSXwH!}tFu_*Evg>wxO&W(PcTi7UMHn6u+#&v##T_Zt2-<|*_grCo@YCmQp@Wk#|+WM7U|hjKprn%yH7p^R0s5um8KxlN6ny&qd|N9PP{PU_in$PF3}1-AwWylq1QqG=L#Mb
z7Z8%3DKTg@SEv}*v~?rbW1%R
z0|Bu=vja}@M!~?=uZ8aV5Uql}_pk4gPD-YMRlwHo&->(8TGMk=#wr5kWj=;OF?K7y
z9QH&9BVC*qpc94CPea#KwT=m09)HP4b=~bO^)GR)CZs*NHe1$?luK^`5*M{`NT_2mE<%IbJb}b^y
zgTYF^2mF?B!{r0Zt=F!%0$7*n5HV@kbul{kVPE^#kfpjlc6&SKB!4?dPCbR;Nu8K*Q92
z)4L`Y+vq$-JBu-ktYa-YpT_m#oNIhTQmkD3ra`f_CO8?`xL5C-9$?Ko8SJB;y~z&E
zQ{UM~U4z&xo=xLC2E+qo$0BBa^fHm3UMmtK{<4A(AXpbz>iOOp>?m#>Xj0*r0fuzT
zDF)E|nA%DocsUTx!@lotlsO*zskOdS+hcN!LZtQO!qvpm((bhL@;5k7_w!vAovR*K
zb9CElmR#eDE8TUeI5|bys4kMUt900`M(_Bq7XfW;h49Iqm2IV;6diW=oSW6&Bq&p_
z#WB4h4CeplRWOnKP|F@*OoeRrd&2#6*r*o)J4`N4qcv^ncV@aUF~iRIjn`%Ch$o|4
zb;3E*qR%ze3lJ~lbah#fL*ZwT9oP?jLk5nd5Bh=^BKR6CbtN-IjUWW&w!=jg_SD^3
zmTtCMSY3;xI0zrdsKztK@s&yIgG^?*dER-GSfLgAzNW$!%bc;0>1TP`6-Bv_gt{O{
zt~{aOFC*o0nXJ@0BbF~iMpMVMyj2>1vzdI&c*pzDQnEMHZiaR2DiedPm2k5;x0F6G
zmT-FOb-UYC&ztxbVrYn}Tg}~Sej9l}PRv!Y+kkT*C^m7@C$dzvsFES`^e+VQHy-f&
z7r5Ysm&OrGE90crS!}TOw0#?$8Cz($PcW!czO)_pmcdMMb{(_w;jYvg9rWS_i~UU*
zZ1KLVb}Bnzy<<8i=pwBi%X&ibkYr)AebKxh0)#sntED48&k-^Paazn^p=;a*ujBg^
z%pKO4-N_PN>)Z3<#D+V}m~pH0*`xj&@84FN$5cE}G4A^vcWVi*#CN#Sr%FTdJ)v!1
z?tX9ZEnT-j3q1|Qg8Sp$@qvbn{}+h*6W4nMdN)GtO0BG>erzSW6XLaKyx)K&E|^~x
zjI+qe27Zhqu7i5cH54;LY)sB$*E;IWd@bBMn>I4s1Dj=F6
zkp`##{s<*Atd(xdww{~rTGtwwquC@T-cNP)-WI!*fu5R_w6YGOsHzGl`0b9QacXPD
z<#Ue}`E`gLd9IussS)!D^Vqn3NFM@=oGvKYgW4_8)8)!nUx2WAl8l=%`#|JC8B3|K
zZUepR*Ytn+BmmK()2NbUd(N}po?OF?f9xe?L>8jJ5PXn_fezF02wkE?_pnb;qM<jV`{W;8jc&lJyHAs+!6AXFs7xeu1r}j6F9sW5Ucw*R&^VPK%SRLr%
z;g%0plU`T&>3u1c^MxDbf4QyFW*H_9ZeG&6o-g$%&R1JV*zcthPf3^QgO&Ng{Q~K?
z#A35(AJvO9&(&Sm-N73lh^L=0ys<=EP^@W{*z!g5Y3J*y1)Nd1Y>JtK5=!_M1+bSX
zFCQFyMgw~k4C-;~J4pLc^(hkI^Po{7<7+Lkm#aUOGJqQCKk1Id2>kx*@MB^z&S7aE
zAT4>$uIWI&`>yL!W^!W!x36L>8iQOUhY_EpLQKhYryn934OIU1+oAZ^D}`c9LH2@1
z?~k9vOVkF1+|CE~g2uz4QM(g*sXz=8EM>?GI4c3ienz3#eoUg+`Gcq?fIV~-k_j@|
zk$Q(Uff&YECD$ZYUOcSJr{a^f?O1dt5_dajsfiy4&QNd>$K-yO3E#1QcpaKlD^T_cqS#fhW8Q0nx2G
zWgM}~f__w59R0`KFR$Y}SCnR$X9f^qN4fxtr>-X?kLlc)aaU5}-bUi1EX^xgE+ct~
zMpR^%=J{*hE>3)$w2l;2`U2r9wy0uEjy$>B*+{`|I)cOX2^sr3rXUT_?{@YmGsNyq
z&XCI$wuKSpXUec3Lcig6B5G<~s|t3yyyB`C*OiewMwf?Eekwq(
zS%)8`1}a&ZA-R1nUs$A*n`0aw8&570q{&UhM?GF}Fh}-#Vnm}Uj#;lek_{ok?60C5%571#cXt%W^rRl}as}}inC&wRlgv@CdIzp$-6KF40e9~7rfVsD8T^R@pm`xM9;%aK
zbpm#al}9{4B%+hlZv&lD$_o56-@Q`IDNY>A9QP^bnRQgNxy?}_(_`$P)^j|rJ{R0N
z{EF7Vp>L9_iz(u?&C7knDhPf*M}=ucNH|g7JAXIj(q_gWMjk^OXEQ`{bX#o*v*np{
zOl_zPpum`3LPRj?i=SNAKE|Ia6o0S<3abuoJd>k*gXJ6}w7cUZe*k@O>TaZY$Sr#G
zl$6V0DBw^E!)&Q!R*Uh@I;WXrbMEp&`cpdvR)wj}8L3;Q=IrJ1oj_DLy^~G{~vGIZM%daH&-a_N8oI&qf
zm)S3Se!KW1!Y`#&9QI`9a(M1kIorN5K_wA~1#Rt$zjo>{6s|W`RT4E@F>QU!!hdOI
zB&w#M;1TEJ>24e(iV|~;039Hix?YoY&qQU>xCv{c&w@5=N@&2^!z>7`u>YNs)2Uk%wH
z0aE5vbCcdzzhf9#%p4s+}0&yk5sPl=<~J4nCUTMvZO
zK$;OyeU}%((^w@wRo&?p8~1Hdjah%}3SLMI6f_uXUXR#Sb-=s_nbuoTM4nKy(=Y?d
zc~9a>n3Xqs_`x%kU#eBNNir+E6UvJOvWx?y6If5D5A+hhb{DSNtDuGpY*yNy(KAQn
zq1wqRf-(h!6(~?iX5BA417ebM&l8%a%sZ#E32Lo1Dm*Tt`tgO(LS_4K#LZXXDI^mQ
z<3Z8K_)22`9S&iNF%6YIT#u6o52*gIF?t|LdU-6lAx6d>tl?rjoRZEZ^@E~3r1Fl_
z>tYx$DB7HMVykvwpTmu9IHNQQqBUKww-`Wt*KHk6i5XJZr%G6!mN)+)MD)eUjSB}J#U&Mb;b=vC2Z~)XyM8c+Uo5-G%fnEuf8bXEtSA(?x+G)
zNU{5&*-!FZDuFp?{8BTQXv^dm;f?+hAvBuER_FJ;DI0PXh83QFFHV2;z#PR~wMEm0
z(wD}H6vfslbHjM$h~LeZ>n_2PS~l(*S++4asV^FA=k3R$v+M$W+Dq0?XHuw0>4)qi
zwk}Q+D|W?BcHMboz;OS;Sp6G)rTgY0WwTE>yT%N=X|A=g7V>aZTQ-yvhy^gc6j31^
zoM+EBP9|=rpv9j%&GqG?Gk606?R8(KdDDqfm#m-QMQshIoblEo_zu(e2R~xA?jFd&8K((CkT)iDP1il+;CL}%bnqBVm5uQL%#cx>H
zE^h6mBp+SY;oIxc_k3&wc9cQdq&jis*Jc&3>@H}MYKCExEA{XV7dzbU
zQ?BKo>DaJ{Qa)Jk`7)FU1PENS|6i0IKh)!S8VzKgO4e+o%eSekGZcwHmY_PGEoQddhuOoOy|4wKZNRy3*+y
zH9mvxZy_2{b&Yc1*pTTWJJIT_qB@11aBW7X{Wi}ix$v)@1>dNyMJRw(rp&cthsX+i
zM~`aJiCb13tQ1d1OPG}mM0+?Qf$HN?}AECOECJb{8qVY>8{d{hkK;w8S6!IeF>QA1zv_yFf#$`
zycitOESWXEqqLdIIyR4~Z@cZtTmJ?5sTh;|GR-xJHrB3n_00fs{WnL)kA*PA!D+ns
zsKjI^FM(vZJ$eSRUc_eD?ACT{)_#C^rn^&8-A;uBrA};YxeH6d{Heci1m|l_$-K%S
z*6WO|G5PHJd|llYBn}Xs?;f9LX>W6n-}m)~m6es?#AowVqPkc2z6)JilrbPe)p_Hw
z!>T$=`EFFMWb>*GZJ_(%Y(ADR;iu|%|6osA98gqZTvB?=44W6shSy%$ow%-t;ccg}
zLbxRO!!f#An3}4uZrGs+bpob<2A40`@N##_^LI`^awUyTZ`Mq5X&jaa{Toi3ZJ)HY
zO_HH__3)Gt(>38#B}i$PJ4U~CM{Z+@!i-VW>qlGBGEc^+vc
z6La>6jZ(ya;Pa^|AX7%&+5}Pfwass>{F(Kpwz^AtBj=E#aBBw#ZHGt8Df!G)5B(`w
z2?U_$}MIC}Nc7iM_=Ly`p)ZDex8tNyi08`fVP@i%z|AfzrAr``w?q
zp<|%uUL4mrqO7@cU>qeyBr*)f$i1s9w9KlkF#3|$N{Wy;NLjsNv>9Ajxc-Aw#OL<~
zt9JX^L$*&fu^Xw%KfTZM8~xg$_bv$FyH}N_etivK(3GuK`RsMkb&VoSsSeif2u~cb
z&Xx}A&B%}Ys#7HZ{WiSub3ma#%OGjsRdo6^B`xKafS>mBQw6PeSmFT!w&46B6@f
zaTUQ(ls>ndeWnQD^kTH)JuaWCrkwo|v)1E@b~hRrGn@iBCm)$tcZ7Z1$NZ})+5#8I
zFRcFvI*;^e)VAc0?tSO#>Tp^JH)yM?ts~$du*k&gSTce%M1Wn0ja@BVkly0(Unh*-e#vX^q<&y%m_CjNe$t@C|9z2pnG2o7X#45k1rT
z6aJTSj7>yc(t+pxTA5>J6IB6;3~gk)QsrJhX*RCPN@?Bpc_3Jnw1yDnlR^ZIoI4ON
zJ(WIGAG6|?&kiKq^KR~8s8rh@|N{D~t*#IUBh<*q
zg(;T=Vgy7Jfyyw*akt!e_+QmjwTJDAA2wyk+?PDAED9v*wnxNbRLj8iTHOI5?Glir
zV9=}=Sh-76JPmjw(Q`iSOEyyKgx3bTU?&0SaM)9&=a)3;A#
zh#8s@N_+kfE(VYcd(8h~Bftgfna(Vwd+DTJ0Ams@ECFQWF?>tI5
zPtpML7XHnXf6*sdZUm{(x|7K}yk)Jj;fJdTxhgpDO66Zj}t43T8`0UCuhp!6Ih?JPbynB>dB
zXCt6#vv9ql0XoyB#RI&PxP8CCv!PF(X67s3mjBTD5tHVS^=b@`rYSKR^1_-ghYb)^
zBTm@H)8(I{4|ReAS~d2*VW)&@k
zcg}(T+gH{%H*wyTa+SsMzb7If0t^jkL-n7c_akME59E2zfI5v&TFyGu<{$98g%M@I
zI{+R0w=n)cw07W^K#XfofOJIs|JC-t?Djo6kOlmo*LduSl_4_*thMyFJpXTg_EEX-
z5&VY>0wVqTJ9;5-Vr?4WmFy60oW`GD?+D?0j@<)HA-csA;73v<^3{$|$j>ijs-`s3
ze^|$|)?mVgP9&-Fqw!FMx1pG+xeejRJ3{LE9&Y7~i-MwCJ9K|jBtQYde7E?kKEwKF
zThuh|+vCTVBb{|TvP8WOM&ziI?W$RlTo)P2y6MZsXF8%N{8iVRvM2PT^R5je}d`_+w1-tI3E
zI}SQH|0G-fH3CqXaI8oye?H%c)IaLxm)jhhzlb_H^}US-TKrP>(Yo(Fs|rHawtm;S
z?n15aAK5*C;(W{3EMaaNJsTPW=_-H+3Q;irSjX>B%!3;unx}t7Y#XH?g|>FI6F>#a
z2b(e=b_Zw~X6>mjN`JIgGDgv7MtGg*#}xs7)y-@;qw3dVp{r1HM2Fyj`xzslf@V9J
zK7t-X#``9rxhL<3CRns$;yWfEAN^LebHYfX$qTf>_{AsFLFPM+w$FxcOfMe?mtXNQX>E5TZ%oswOII5rAC&ZE_D~YRg*evS
z5=UlFr9b+{2;3v1#7;G$X1Mm3_2u~h@)g3PduWNn(?X~hF&9$d8eln&2GJsx*bNDwks6J{B=7uySh)(nwc#8C
zP>v6jx%`KnJyyuH0fo^~RUE*84F#l%3%R!?ERH}KJ`+Nj`ofg%dIvi3{JtiKt?lU}
z(gpA1wXtu$N#nJG5OZjkEdYZhC@TZZ-@CKli_n~{x?a7zaO
zOHJUhuHt4H(XCFRwZRdCCQIfs-u5gu>H-L*n>%|T~4#n1oAYiTKfC6)Z0Co7)z^7sqgd<1Vi
zM>_kV(0B<9mAqCC%sA{`F16f0`K>jrE^VH$Kyvfe6zIJO&;EYsajG}xne#O
z)8eLoX8VOXzwYATp{ap-1{!fWY81IU@8MkFsa{d)aU&gR>+5{w=^BIK$8s&|h^
z956ZA`-Ib!-H(kW#tA&m|3rbmE2maC0>+r3CsYpm5^q|zrGTOtB%lu=<;HVcP3W)W
z37wS8QV*Bv^^EGt{hs+4_HyA%6?YfgG&)FdL(ARwLF@?TouA%%{piVqL4ygEm2)I5
zBnajKBk>29`xk3dn(nm^B|@d=@4*tzY`3rmoY5@)i6Zm!p(Ss^bejCkx3}U;O*iMw
zXNV1konhn;#IEa6n<~0jU96TA75fW}>c72@79jZUm!t|Jtaq6ru+XdpjNPk6zN%Sg
zXX2Fq
zBPDUQ=!^0`l}skF31LbH!H8KfS8R3B$Ni%ZYQPgT*1AtiYa02=U=hE$l1jG4U_WB;
z^g6j(OTf-mxhy1A95|Ft{y@b1-F+&pl6m(4|HPe3&0~u6_X_iJTPG3kLFM^tC^v7Z
z{%|($h16-9?ousKB@gq$xQTNla13Z{$QX6u5O6&O7Avr%fmV%BLhyeFj!lCFuCJ1M
zXh-OP^*}Min1LQB+1g;q@b{1p-qev!P_lgi(LF8;qR!wU>9jVb3{5aCuuUx~P;LP%
zAbN8hya>!2ZfQnqj*?2sN>-
zVTbTF8h5(PA<2d3c<;LWE?$;Q1Z}OcQrETQ{dtVH_mtJb=!?%uOie9bH<4v=ZY9z{
zQzZoRnMBxtoivocBbr27tWq
zK&6I!%JN$vCGUD7{j~QnS^jxDu9@3KvZKu2A6RY|44vhJ$?C?Orw
zN-1#s7q&?8=xsD_CV&sY{3ZK%=@b2|BmiF&NZqt;_
z4A;fpw^NZqzsRkw3mhYT`nNcnFN18m_dJt(+K7*jwcUtlY{;oScyIO_mXVG7__u5D
z7I2@j|ET8hl3cuRZ|slsHc9zZt!EQDbsv4XVCc%xY>~Nmzq0WA-DIDu*_4DcqQuh+
zgGZbtmmzz!qlp~*_2MyCK{nM8e^nOOgU&tK@2vi{H`@k)MgV{h=-i=%`T%;Qy?Q%Y
z!G|*(ikljzUR(DM!nWUCDKnh1oBmg3zOIG=6pXR;tez#9X;4q0FlDWzh2QLS06n<$ANENpaJ&+-5jDn$)dwR)}OTsP%ijlHHZ?j_lS~lV!k5OH3ah^YKm-XsN`-
zW3M_IT!cYkch@o5xGA-c`?^r@zNN9C$Bf
zy$)b^+iKzF7Iy7SB(Y4QLrXb4?#i9>TSd{Mi~N0fK*BBEpkYplt~UC8JOvTfIKa(*
zEKU4CSmSW8QKq1DNCcBa^ec(Q2-v=web#(^F{MeR?|wgG_5fRfrgUqclvoytFWPu*
zN{l?wI?4Ge#qT9OnV8|L*0?SiKD8cQ+xK~o2umiTXEh+cF&$92OM5}q&ko`ncUnM~
z*bVERV8=M;&5A-0Vk@OJQv~9=C9=MoKh2MA{W}IVpne*2O6(-QC^YgS!QHcXxMp5AN;~90EZ$1W(e7y!YID&ewgrN9PBl
z24wG5Rcq=qpIIfqZnfFq+-AV@di@jo!$@7E?3c&wOrPC#Itf~p!GIcK%l(txUmIoa
z=a+o)!HF7;Y&Y+C?mysJd|}Lb&v>;xtK&J`66@0m)XLJPX-i|V
z-v__7BahGVAH$x7F%r+_OZVl{$R(CJ3<$|$*Q06P*5^~+O{@u>F8SRLf
z#=eaY0m(CZWCwI2B1dz#NEb2jA5Ve&YNd))`PUM1GEn@CmTmBOZCKBj;{J&GUbKGP
zjonmw_!{Lup08&0T@AXQM_uYK)LyGkxzzeIH|l9)y)B4e;0pKnW-UJ&#b#Jtyq=joPyI^VR@Y
z|Nq%_XM`;9*l5iu+7u+y>-6QeSS2w5YO*2tLf5dUVpTFYo>}m
z*lG##vs!X-if@BCu}U2uFeb18;`RSFldUAyik!H23R>{nKxh`*b>E=*wFH#R
z5nQu^HQ9lhE}>6f7G!}cT_x?^SGk8-Olpz5%@AEm-5{uN@cTtN=zqzVflk9qh1^yq
zxBPYU`ep6d(%CFLP>m`@KFHV^R;T8t{&0!2XI9RE6US0;Bl+D}CVvia>9#<>Wz|GG
zzxUdhg8IoELg_IDlW7B>jV5fhJ9iR{?+UOUDxr
zz@tK?i$hA@yd~x1AxGC6NEAtpR80eT4DljNij?#b%o2>mJb&lE{>cu
zERglC0*oF2xnixQT!ROYnQ}e+0?q-yH}_0j1rk>{pFfr`sY&Gfe(2X%jPt6r3ylnHG?4P6mF{{|6U=o`0AT=
zcK7~9mftT}b^^!FKC``Q1LLuKetF%=SQCXZDeP6#w)IOW=-Cyp0Eh+fZlSV$0g@3@
zGczQC>)V20Qr=g>{atGHB2DyP2y3ZX88m6g8X_fOX9F;x-r2$iZ5#rj!`wKM!_ph7
z_cwMBWIhE*wyDi*K$Ot5qo3{a6SR$I>Zm;bUyT>Q{}cQn{owcRUod^m5*X$i76G|}
z_D|4|B59$>-o2|OtF9EwYpZ_HssjJQ`y*WUK~7!JUFCBDZ|W`ChEMy44yu{n0sactC$MUJ>W=X|;`wRJu|{!JK|M9W%C}
z1G`eVB0O`xAxnkw3cdNWm7wbU^0bLW^!L737uFuLTQz9F!$1P)8woe?1LD7UCjWxw
z%CCimant+E>=#T=6>&@6#Km8c*?K|2lwK+8@IHafKbMyolpSGl*b$QWzQ?{KZMR3}
zq_n21cFwdWn~6DH>^5VN2JU~ezOTYsGE4dlTo}oHNcXfQ1slU3@DY2ozA9mOlrY3^
z?nkppSB)&%&w|BySTuFQb$>=TKRlEk{6FkWs=8#OQrJ_P|cv(dM_9h=IqL
z2nEX4>i>@x+OI$rud0L_9Ll9V{NO;?LS3ywOJd=8>6DN=c-VYl$*NxVXcyGI{Q8u;
zQ2^Yub0IRRKJ1iJQGLFN@@_;}qDKFs&FkWnNu=j0`4^!pT1X-x@EqYb#g&yr82}O=
zJ6H02Jx+tT=h-m87yaTW{7;=gU#}n;f5u?>>Qb)|zgYi#zZe
zB|LKJlmj^|NvgBaUCJM|b3$an50yZFBMjgSEujjas@1(d&sux`F4C@PSuyv-nc4DM
zN<@;cQY&nv)x<-d9JAWxHB}*UDy1ci#!e8EGXG+R
ze}vLmv7%<451Id{p6=9vZz5c5{B2me(x%iiO^{y8+pgHjW3G{&c8ZN928lZ6wq>4A
z<4G`g@;a;ye@R&?=1iQ0fVmy*
zt04BYw>owtKNa>96uTLo*q7mT3x-Xty@SbfO!|{t;@_)eOvxfP02Hig2CfZXaV5s3
z`o~N-4#jAvx_gMxf3Kj7^|A3xlQj*%=A}8h%h_$E`h+Ko3|E9jEh?lQXPcP6V??M+
zNegwB8KlOGUfA5)`qo$&Pl0qxGSIH4<&cu&oiH9=?s9fi>(3ST6jtJI=J++B&txZEH})4znraUM#%8^g?Cq)XGM2X{v6B15^OS*{`#
zNY}%IG4HRLLRCA8@LV^&b|$-MuiQtKm!jkt&C77>X8oaQH8rC9_<3j{I@~Nn!5~si
z3(gzC2uo)$o3*ms&Rsr({>LlY*=P^#
zWk>hV?AetFj
ztp9NcKW(phuZ=WWS|nzma65}NqKeiH5CG$eS(LuJE8h2>*e1P?I|WPYItLQLX*q6p
zzW)+~E*j7Ra*7&urFG=;PZ8z(>hLtq&L^pbNF2D6+TuqNlo`JpKAV;dIZye7ybGT
z6wN|rwKF`ow=hZOG{baDU#~guqmG!DMP5mt7BN}uAj^z%Cyt(tD{wZIa)+4I6q84e
zh=qg`%5sBYs9r!G;QSfk6>1RC$&e+Gh!aA0!2Ie6XNvG}0T-?(B7Y4A>|LB!64;-5
zyn$E47&aWQn%Ybn*YRRPRYn{nMz|P=R=gG>-cRI7N=h}=dy}$QMJ$us{n=k%lV~PH
zCrQ8X$i>*WuTn>@eIaN}s2C
zR^CItuwgg>CAR9|_sA17Lni*Xb7O31rO8>;)W{WM_a>z|lyY3E+4W6~Zod4gaY~AO
zD^)B+Q2*j_+s)2)H&IRk#ryXSjOX`(vOtstQ(Zz)H;x^5?TPD-Wzl8IZDMA3-TxRb
zb;wbkmnDuV4U2CCfK8!Alz?j67IgDIjjYZe1AAWB!le|u*%?kI)@UxfS_!y4A9>78k21b}+juS~wM^rwbD`!#oKHAd2oH6HV_XtuaNx$CmN<~`Ag#G|1Ve0s*
zL+TRUie;;4_MCwY!F21Ncs0@`%EDnXbufd4i)U=8+BMoGiWMo;C8`zW>XfAL>8Z`q
zD~4lGPU*NGRY=gOb-g-h45vs+MU|Bx7o7lGN=z|Oi<76N#RaI7T>ej#%#r1Ek1bhC3Xe{eUa_3S8*qZ2($2O3-r-nWwqB*L3KrG4aeV?Y&bSvMC<}~;g-Oak3a(to)fJ<
zAchqTr&{0OL3G)-p!hQyqj?y3fAibMk4gC}27=GEVz40>RHt3dlsn;p$cb4~qdON)7
zF@HFk)`oxQ-(UD*&oV36wn6&t;BH2DM1^Tkt1MN_Erf-1)X-H4x5RlcQ;&x0LiW?_
zTll|^kEwV~u-ZyEkiS~lvW%(xNl#-(GFlu`7J^)KQB@Y}Q#vIMh3_h*(fcJQIoFaU
z(^4C>dz)nC6jkU&C-V;c^x$8VCHeMZXRO?7D{mb5;R@wSCCg|SZFLM=W3uVAZlf8a
z-$qo?=6G#v9ykQQ$Tp7OBV;btr0URd0
zk{-OWrtg2-(6wmKOi<2X1MbwwbPCvY~Rkw*Z!Mzq;W>mme|Z9SR~
z{+!jxx!1(scGr{rQ<9L=wuQfQkUbiFo`>A?SeH>CFu+I;F7UM1KKfxr>m-`w@5T*Q
z9kCB0N}u4Fz7*rh=er(a8g@d&zGH+-N0n0v_<)IQYiROj-Sxnu@~f4ksIBj~JITRW
z45n+8B$MA<{Uv-l6ai-bM5(=40L1`+jJ~lRDhgqy@DGu|%
zsuI_$9J#BI*FG8c<+nftC!sUiKdWOvd6Ftye(OI;ym|}O_KVBy+VMEFkg`dIOb|*`
z86>}j?i}b#mv=w&4)i2WbtO>*
z^)P_51VY7-ZhNPNUZAK9n+^onDv%+G#{EE9CJzq?{2e?CX7-C0zrKD|K1E`+
zvta}a5jDzpMpFjQ&Km=Id+{1Mt<>g@HUKd^f5#4WvCaC!ozd^@q>EEpdG3}i{g_29
z*SC^AbPZ;{F6=TVz>NsxMWZU1WZTsPXF(Z;n^C~q!aCLlZoA!=*N;>@hHjE24^pnI
zBvM?DSYNL60*oG~cc@fBm-
z_8A~7UFP?2HjqL95S~fjLFaK7%_TO)+Da|3YEwt!$g}M$g5d}ihFxFq^DtU@+viC1
zCtQVeQQ*W5ucu4+M$QzjNc0#?Lx8Jw*jn1gx&F`vREaVqM?%$>7J%ejih1a$jIYTzJxr9;Vvmsa4&!2m6GO%`u%y4GLJpGBUNJ)UT(
za&?ssFh43%`ZNJn|9JCaHKzF^@XR9kI%UI;Q_($;R}>C
zfyCPj9~QQ$wmnB(`_3=_{`2Xm^X^;s^$sC^=d?9GJ=-@rV>`O};N8U1^mwEiqA@;f
z@cF*2;SYa5l{x#t)x`P8WW?;dO_Y0K;)@YyxtdZI9nHZ@UFe=%p*j%jNOZ`#50rcbv{lMvR)HwcT8HyZS3YJ?grgBgN0d+8u0ra0T@D
zMJUp9%FZ74Re<56&{JUjcxrQmBd-n*i|hVqkGw{C67%jFevPt>23#E+|EQa_pDHxQ
zsT0i*vtDUN29lPDed0{oU#(x9OAp{i6@Q>iw&%U(0orcqp){c}CemPl5zK#%YQaL#
z7LYL}I0zqeVByWMA*vzZk7OW$5#)c2%ryLk;jG@lAK|0C%0q=TA^MRRaDy4Y4P~*p02>BZu+l86)C$=4FU6KfCr3l{&UndNP|$K_1q#eFzK2o|D7!F
zQmr7z=a8T%M3d)tjGqF)Q_q>zV!qCl{^J;wdyNYo^7R_x&iv?en?blZ(x
zcedcSUC{-*p6sD-PWzy|FZiR3QgU8NC%vMeuBR3cvw|f_PTiR?67-(vYj~Z>sZCQL
zL?ffMcGfb|w-XZ5GJ_0~FsG4Z5%_((66I=IiJpxyDG-+{RhlsVMRe-mc6^}kYw0qZ
zLw_GHc}-^_DF+9GKp$~mbLvYVBm*WW6VC=7IOi%#hT0~BnYruJ!g1#ahoKvky#Zws
zYZNV3*du}bJ$L-0ErIOaM&7qx9zr4y^CkS~pomB6dkU9D?QRru&x@FcHFOl1T-=`{
z`-X)l{I7zpZ+klc8qn^%(*5?%T7j2SecK}+8TI7ZKEs|ld~&?Wo1qNq;j%Zo^U1la
zJ)8HQ%)|ZsXlXmI>#{Gq|7L)p%j$n56si{t9Eyz;&;*<*%}mJpAct-KfGj*n(lkTf^1Kaa9Lefx`&%A{xI6E
zwdKk6+znL*5JU{GXJ@sYc=2U?hnoI{0UCB_!()CTd1R}wXq(|R!ICS@6Vmo}yxro7
z9mY|2G90;{M=zz*=d_>6Uhk{vNWFznLsH*ha~T`!kWqgHEe;j@3X{!l*rqOsCy*d<
z=<0Ob<7&d@xuChe4^bvhV4>+~7H02Bzs;uHW0dZgHSay^*H8l49^)g{zuN6aT?!~Z
z>bsmMLEK;=tG4BZw>fb2grGooXLn+4`;mM*T518C3`?=d5#UyRgmtmSUiOGcXL}hd-PTlv*A5qV@ZJNpeitpR;HPM%wFSWL4V`pa?$hEmY
zrxmU~j=6n3SrvxuY_r?f$J`q9*pm_e;yuDCNBXT1AT;De_2eIy9h@0R%yz9&j+Com
zjt|7bJUoz$g>`*S9G{2RRFe6ESAe%(vcLG{_y+G^m})xrgW3
zL}u;*wox6kj-&rGt<)?7Iwgon%dNhwtL=-q7=mOygk!;771@Yn=BL-!$u%bup~2av
z^)53D2g&)fVG#}92oh(WL8;ANhfr%~$6#C|nJ)xizTz7=;diG-PIW`5mz5aPpB&3>
z<*&@M7ZEZD?_}X^L>n1<*_n&;5fPoanw>T0O#Jzt1`V{a!Tz0Koe&ZF#9A4;_^ewE
zaT0v>!yjg!XIx^ZGX<=VNh<-L0&gN!W9c(_?Zzv2zhrm3x_t_T6Tb4{u`=hhQ=DG4
z@ZmQEP92^!dOYOiV
z;J%+ZYRg&RJtt))sZd+t+lWED+4_>9fg-{1TK_ZO8H(
zAXc~}7G{+sn+P;%+4yd=%Vr)SMB~8KG6lGj_)$z)1HSOBC9Byu-7z+;shAtxubtxr!@!zds-5b)K0@2ed!0^>VHH7-(bPk=-RL
zE=($C>-r`kg#SomLig!;HF4gNWGTW1ZkBEa#d&M7(EQ!B9jnTPBHk^CN*;|vZ=`%h
zW9uw(xpjL)7-ffoEj4-5l@U!M?Z;o=BAV)Ko`Q-gmo2x_u7Zl1FIEt=9g@0%1i-@2
z!0WvM0U9$PY=#?0x)ixV8X>AQ7v8}hA;t#-MWHoDy6q)$Fn2+>)|3KA&nl?M_B$wh
zZ&xIdx_W~6;*{YGD=VA~E>evH`3UvW3@d?o<|c)Tx9F=MPa{XJ{B`MG*&sk*gH@N`TA9$<;B+MzrW;1n5`b
z4vm+35=J%i{2XToCWGV>Pnoi0x>E8^TrRSL3p^gZCW1m6Pj|kW>+hwsMA&U$K3;$I
z;~C2`ASunBDiQ^2l;58xbkO4J1YyiQ(}$Y9Z>3w+smr5l*m44Di`U^xjxJ=hE{$j$;S
zE`?00&t!3#EHO0AP4Nn;OxI5|_~?8eXjaQ%%p>Z=
z49|lR6+WGi6qYM#rW~82>rc|&H6o)1D#+R8XUWJ~nRT}LLNJk~9vu*(X;6G)46H#y
zlGUZj$iZLxM-}b9GBi5hPf_#+Aq;+iT==8b6$r>6{160T+US+7-4}^LlP0m6lK9zF
z@re-Lc^dZ@oF|XPN4+@zdg^!?F
z>f0I~sld~9zd*z0SuLC}ekapK9&hm8#^}dtM8iiU{hPugn(&6L*I$l{?Wl?N%xiXd{g}<0h>&Rqw
z6w1j(?!TNu)_G=axem>Vf1XL9&QyLxrLMgZs@_UfGR^Q30}ccksAD`KbyqpMERR6CH0dE@z&ekap*4itj!u`?
z+2t1vH8V32)znp58@^WMnf=|uSBdw9)5~l*`r8j)Zwc0-iZI;U3}Fui01!!%2S}0r
z*=m@7lBM9czd?cU?!*eJr=z1HChcs7l~XXWlQh>>Lfqs`a`wq+d{O^97zpC0NPYsx
z`$D_h>VDoWP^%4MjLz6|w7tFGwn^P-l7cd^fxLUzX0q}41hftW0Wg8NAT-wHd+E3khkSCP>}l9B!NhBl25hmvzpQ!
zD!P}&gw#ve0`1&-Zw#1OQ%uo895X09!`aZt|cD6%V3qj8N$+kM{-
zmMI)FxLkj^Ez+rx-(xiE(^$8gX_bhTLA4Ydkm&Z?Oen~X*?2!7chOTYRn*t9-@W-0
z$-I1fxRUHN@29wqFI?mn5@&YL2a=L>`lwQq?(0qWnzRU24_=*5!9wb}s|FM(UTVSx
zKK%CDlxM$VW8bgKnZipXU;IE#-<2)>9R!QZMrIZxtghvwO5YwWI+eN5_{{OsOZKnX
z_4)|xCwO8dDO`bVW2et0
z!)FWas(xoY<-BY@3!<<*2)Gv7Er$GhaD(@88^WK9VSSOw^7e
z!^6+emIWDg_SrK6yflZ2SFC^)jr@$u=#&#$1urO_+6ot9!{
zm7_8ee1!^|F-sYe&R)+8M^klr55B`z%#)0QV`Y|sH>X6?QAS3_S4>#d6c=fO{Ox7`
z-n`=~2!4g+BTfdD!oE{cLy}fB=1V9Id(u8V(-Eg&m0n+_XD|J|qhCvy5X0*z7QDQz
z0~7EYnVWl~G*>D2o;$O&7l}DqCBv?;?Cj#Au*@b|ai$-tgM0N#dF#_)5M)eE4fDF-
zmhv4Hc?i4_R6b@cIrs5>D&hNeWqQ8h&8@kWoq>_1F*=xXlhCN0o_FR#JL-7c&nx^&
zGsk$`?2ZJohb1?U6}3HWNmae%WQ92CRg}Y{(z^>gI|B>-AH#!;kSYe$)#ZD4-j}G_
zsrZG*B*;hxhkyfUp$dD7~K
z4v&TYYCREv?-u9eqE6ruN&K0*)5Le?AfFqb0(*%sUjnPEzuVZj0AoWc`#!>L@B1Tu
zVI$E)f#rpOQ6f4dRLl|q$6=L2#)L7EfcAC4l6ZUyp|vr_BwVI?iEbhsG$U&eH?%(z
zI(Ro{=_3wZ@=<=J7B|vJT)!A@I4TS!vL}Yt*(%yr03SaOKK_11%~=LJuw=tZ2m97a
zXe4xis~?}qJT)%F#KqUSp(X%9pCr;Kz#MCQ`7Uvd*kY8DS_8t#(rO2JW}H^Pq|O(L
zU#7DyNkZDhq&KDDT`#Qcv59SloY^7Fx|VlpfJ=Bo!58vgg#R*-0RTW%CK0?aJysw~
zEdStyEH8yz-!^Fkk`dk(VWFN_{IyJ^$ouNk-6KN1{yM10F$<>Khn8(CoD|@9^K0sZ
zvsH}J%KbRzql$&2Tx61`C1l;yt0o~{TPrZ7Aso4k2{9qKyL@l~GIPX5JVW?iM@
zjD5>1>>!OiN(Dql4n`?DtKt;VPR`L~b~By~Xn(6ytKM3DDa@k^`c|eP0?qCkXJc0p
z`T8t-Qht;67Bdf++OdCMFa=<(#N`BPpp)R7QeugeU1z~oQZFq}(bT`zO0lpz)7s}3
z@xD4bq;^GwsL&ZKNrP3&9WXGcRrh?8tCwzUO*f|@~M5~=}W
zX#%ThhoI3T9hqlacWGPS)AR_`!>8LReWQj?}nHgn=liSFIc%7
z7k0SMYmIS0c-<<(RK=ki=P#rj&8?TeIr49M13Fwk>!tjYhMx@q7BIIRwRwT~CokF0
zK^@qh!^JP1zHKvmD#VSm(cEVbO->hfzYbX_Ud^p32stFVz6_mU*9q%6iF~Y^;UW7k
zq+tiEjyBoFPeeAw-6h3lN+)8?`r)GV^fmRd-8#-fyo4i|e92=}wJQLe5qGUPctbEC
z_%t0Fr2RiZ1^~AS?->10DDVaxdjf$v`sC>mfi=H0jp^4@H6c2~#VD>RW_nobj~j`=
z0edvYECBXpI_M7$2@~ChzC@xr^`e0W3&_mOCicYI=u;^|kWU<`_XpYF`KrMe#l)9f
zkCV?#^qVFC$oNDkb+&T7k#^e2cb_4P!)Vy=f8#djCRh9?g7pn4eM7@feju35W!&ku
zIWZCs1T%W6jWNMR4OCB5RE^sY)!SV$OOawMW3nZ|y*cS_JsdNFt6$@$`~UsfQ-h3*
z`;vaWc3b*reM|`OzLHG!R8^G(ZHmL!mtI~2h^`Qgl-RzzzmbW3UMX$q?z}4V&D+KR
z06Utv&fgu1?*)3K$FcyEAKePf3Xm0FprJaR1E}8Nd$47hnJxEm;44q77o4GI_Bf$#DJN|V9!SbxK|;wzw100OFz
za7A=~--P5Y5M~|9LHz%l2;ZkBspvhp112QOo{;y
z9avmkoSBK|B$5|KylQ@_VIZ4(vzZ8eYd)L%YZUGid4hqGqPDU;1x!Qu=HyG9wqCKM
z3xzQ_1y2ibbyw1vKF}%g?^{29TBz7)oIK+DQuLW!hx)KVla^3M($pDcCf9MRI~!-j
zSk3L%^|>AMe9kr6(rCOs$kO4TTd`i_MKrbw;S_
z%x+~oMKSB}E(=XNIIaW;znH$XC=J0x!0JXq6mwG)
z6qMQNx$sQ{Yj}usP-XF5T`v)2XlD0JbZ)~(DPhwGbP&d$
zgnzxh!b{_dy4}>CnZ#*fp?%eCd=3>7s3k_nvH8Prpus2Ef7qZRKu~{}Of9CNrzi8U
zH?uyr8dZ*yTGr?>SGZWihdCbe5RKQNlp%WqQHq$8uL6ak)*=9!c4R}>qhq7<{R%1Y
zh0kGJk1_Yi+iGg)r^c5N
z&2jbo4r^HbrmlMFOcO=3dwieMMM||IRkJ7Z4vqlBZj?rzC1m}<7QO41DA+kB%#R?x|yu?C-B4(
z@_0EAr9YgmJBK2Bz?s#IuFof}j69V30oMRhDt%K#b5O+`z(i=Lm6sUygbZlxP<^hV
z!`Ai>VKjc}K^&u`wo5*k?1+>>FxYIb-&{p6Z!QaM7jj
zx2g8UZl%<*4iVwcgZs8Q0j1S5sRGl64r5{tr`WO&m2yIKTU@Ns6rM%$a8ngSQCx21
z-wnh%lVyYJ9x}$cLuF@bB24Vo!$+F051n|!D899-HU(`diKwVuuO~@lHGJ82cv@7h%1XHf&
z<5a7Xp(=>Bz0>=xyN}?lhrQ
zKk?EF+h2Ieh!zCwzwk@tirGdaPlkhAvo+0kxuR
z9EGQ-7FAbEa2(#~t1mm=hN!HRrd2Tgua}6azT~;8G#r6hq3y+XX53tc!z7kKB(QNP
zgC%AhqImdgpZ8j|<0+95Jz%XHo#H-_urVS}y0Wo5Yt!8)$e{V8s?$aG`drEe|NvKA4^M=-sVn&38SdZ?3RBoH{8{DUd>06ny>!?V~SaCZpvgqZRQj
zZ<3;<^+Z#LHC(87ZB!?FGg_*0o#w=e@6XxS@CdwNyB$MevB>EG>dCHO16~~c@3pie
zF#D*qDozJ?J@#hbOMBMxb%M%quvCPJ<9FaOq?tP@lMB(VY8EMGGrA1d6U7jYXARmf
zZPApX5_P^aS!|@|VH=E8#|=#ZiQ=!=(Lw^#f%e(e!`e=}Ee|
ziZ`7o;PSp&2%rCUx^A%3c-D!YVGX~*`K8AZ@An516YN}rw!1Q|s8ojBF0<9;3z+K^
zr1-U}D_lO;=k?L|gK0#MZ9=nfWbt%_UZ0VCZ*J756P=XNxMGBL?JAwtkO|AHh{9mV
zlN{G+<>fx5t&G7riTJ7vh+kVmmj}Ho3m$POJCjK?pphuX+ToGx
zN1QQ)aSJCk{jjn%_}j^w+vZMm_Z>pEE(nlSz|0TfOSU$s<=wcweBgZdy;vy&^)|xo
zNy}1y9EWzoIA;dyX24>fhLW@fed6gr#a2XC8lj56)x@20<(VH7CnOg~xiaL3hdhU-
zF|Ns-;WUl2hg@4i#XR0ytTwSopLqY6IACtMV?2{LyXJyAz2|V$zU@?f#ds`dM9Uv=
z9ApB!LU|CZ-AMo4L6o`PnYRPA$2+m&17zyd$q=)+oN)){9zxx?QCE9?&nGT`)1*4L
zMN1_`U(3>X=qVx7cuPt(JhZ4=%Sozuh)zzX4^3=Oy_csssqLbTkwT&YTOb=7F~NnO
zcGEqc`Dq~;HleMqSo8)jAQpACC;F4gji*|PtM(7cG&a+mZN_jC96=VhI;ClwT&rdLkdJ`btiIO?r5Sj
zS7SD;l2c0dXljtNVh$C&d_3HBh3V6c;rKox=q4n3JUQyI@s80b-&l{?DjVGS(Bm#O
zg|i9Gz0Eu;nN>!hR+p7w-uF|1Jl@|3jyFN+7w+z`)z>dysG
z`9`1R(TuRYt`Z_1Ut6ylG(=!x*LNqqOqI2+>ZJq$`BTgw9vRZA798AEL{6hoFGu6p
zj_5GMzdaRO=@r2FqHmPu;DLsGzGXc^^r9Iz!}Moug8P?$Nyz|rV@wAKu?wwT8Oi34
z@JMOXY0u)6*`}sOvZgil6y!NBzP%F;P90f9htEfv_Rs^bG$uP{lOy`n(og!=xP}wF
zKC!NQ%qH9PSY$wOne}a4wmME+P&-M-SX7R2i0h3N~7cKYPFzA`$W(8))IuVPF-
zI}_awY8@w>Ukowl>dMmdh7M}hC+X1~82Q|tA|J~!_+;!WuWVJw=7{d6OU~VPX^C5H
zsUnO71`&{dOn#teWT>jAw>7R5-CIPU(embKP-WHBi7U$BB@9hlb?R14x2Xj~IW{)j
zBf0x6b&O8L$V5bALZ3b0Qhl5{+)ztoqSrOJ)t2F@sz%&zc^4UJGMd$vEgtv7)aRM*
zx!-`k2Aj&j#GrS)#{*{DPfm9#(c)cw+N`mx?vSS;rO708nTB)o0b_J5f*IIj1sRr3
zRfB@TNp4@X9VZFwkGTYa_?ebl&jb?L)afS^Zh*!+UG~tZL4a1;@>>v6(PVv69S-fr
zz)bm}Ys$53z(Q>QF1hE1^yC6JHxpZ5r-?Y?VU=su#*W$gs9#596JNCy1s6vpKb
z)l5Q=uB$*t^vrf+q3n9CF5N~=irWF}gz
zESlvg{|)xZE7^T0A8(c@W18eSs>vQv_bA6YzD84>=NMDO*dvC?7UD`MByW`@S5@XfU>W6MYwI27p>EoCAjljnKf69g5u*D;}>i`mINs
z-`rTVKbmOKr%@a^MQT=Au>4dG7=-*O^e|IkuMA-$_V8a(VMQjKOIFDZn~g&G=}7BN#fS
zlAacMQzgLTz8-1n=A-EMmoChGxW(0Y9niGP#5I}lVQm$GGYf<^d1f8Sb*}!!bBcak
z?{lL>@Ux8aLoy8;F#V#J!`5tN
z{TsA&R_lFi`Zw0ypk1?ca@7n
z7kP6+1rqTT1!e^+r^Us23JIJ(BI8wKUUg_5zNAgj6Vnc6zpSv4ra6LN$IxL2<==Y!
zK_^p~tYB4LGrA5^3(*tnEn6W6xL>pblPH~gr}!;JvK4UujN!%VLxj$A;-}pvJ%OYp
zj)&L+FUYyF=sG)7*^S&^6gZWjEf&%AlVOugZ`A*6ST06m?^awIePCCN9xWJd(x^cv
zMHfDM@^5*9XO!H@G|)QnxoOBY=NkETr9Hy^nZm;PaQS0(U1)<&mkrngS0X-mEM@5OOF`1ft%%G(
zVoBw$R
zoGvLzUeq+4JmVkAXV;Ke06OCJUXgMfsOpKIN)^yLTgd7Mj4)mAvvv!AM0qH)r8x#|
zUwB1R3~aJF^ReO3%sTmR6X?&fh7TYyj0ZN@adaijO*`YKx8-dGy$oM)SY+YG7^l)M_H=s56|G}uNZYIVf^awA*LX*_ZXP;SA;1*N2E%k>Z*+$X+iIJpZ87Yphbu@lw$tFMlkjGHbUcoBA3NaFMZ0rXiIYMpUQqf-_Fl$GMh(F-imF{6?)eYQRyGEjqKY$
z*c3hi@OCl!zl2h#;1JGQt7?=bHfzsZ1WJ>iV>aXIfPfY4ktp}8pND^k0wiMoJ9QQ{
zh-)jfDV#};rb!1PVTI3z{MUy@bk)-`S}R(_VFypa4VR2N+PYg)&(6@3Bw=BgXu@!$
zO^GcoaFcCt3_;P$Mz4(_bVE=zRmbC1=`<(IKO1ivQUaztZ|BRA=SmlKOJdgG2l|AIjyBxk2@+Z}0X
zQ9pn8%bwY1eagTfQ+ycfwXrAhEW;D4o59SwHCTWZ=-d>N;Jq1A8@pCBt7|6t{`ZBO{1{hj);kWd4JXXSL9Mdu1peQyrMv6^fL6b%JvjiD`eb
zf_y3=>Cr+&
zUnY+1geHJgoO(`yZ@0qyY|m;->?xr2fGjM~*BItS&1%(>iL+DrB3ngUK>K44rfs6o
z4W@AZmES`&V69JE{BFx0=6XaYxnel8@iq-NPkx_LYXO14GE7*F7IP~oxA2Ut{Mljv
zRNdlCAo+$wfsqoxH@xBP@94%*-Dnc8z6*Z(d*c=f;%^C;^*u<$AB$r!nrq+l
zz(l91oX0Y+-y?4{H*9%~2b%^dZ|a+MLh*zE;J08>PlLLZDWmPq`R`T*&AZX=`iScd
znwj%@Y|L}u>+AMWLOMV>w!gMp=+l`mB>b8*YQjV*we6UfHigLsbgn%u=34#rfCaFr
zKYZXD{bgrlzcxRCodE5?Sf!$7DrvauT4cD@VW!hF~|KCJtMO^WKh4YlPI)
z&g1b;Xtb{)8xTq{%voz1DTn-G;Egy_6^dFimHNyxJ{z-2xfiI#h*_<#puH>$sK}68
z1`6orPyjwYS$SxyMVw?0O3Z|9Py~!@%YN;S03D(}1iNwKAtIL8u*>z_=eq^!OgEO7
zkn
zs9P#lXG@fQFRUKP5><36MM_ey8)wX=ee}jx
zbT&hk-n0GjR_-YwaikA06+v?d&agZRtyH*6n!xzxW3xL6@L;z5dJ21Q?9__vW^ahs
z^z1*q8o#T?>LYA9s12C7%}_Xggu;-tmaF|iF=^D6{?JEtJmqr$#mnC6!vRE#_x&QA
zDyzLKeB56HW*DPv_9~qfMA~wZnT{4r$*I%0LgQryO(n0rLgpF1J-2{rWFmMT6Y#Q7
ztKqfpwqto3YSS!odWO0_BeIo;+nq~S
zOUY#uyO^oN)wKzy_GUZvOVJ1B>fhu@50c6Ah5(sjAXujD8hL`tyvPYQCKIw{AY7Rh
z^7Cs!{b;vO@J(4%JhjObW#TeXORaR;afunYecaCeg@<8}u=G`eIl3m_1jai|21TgS*PJVg%bthRI&8<${E@~XoGge#JTmG7oY%z?anJ|;Z
z>z|hyFp(uZxJk2~^PEs>Ucz=eCZ`yRc7CC~-E*F&gV0lUq$=}@bKfJi+>3Ap^i#b2
z0?!_w(x=y$a-cgjP;82zJIO)>jG&IUlzx=7V)CpZEz}>vhJ9mN=FL_fsLlJ$f1FwH
zrAZi^pR5?!nw_TzM^99T+fu*3>fl;L#8(UyW}_2%rWRR_vZs9(er&)MN)K(Oup=@W
zhcZCM@R%pRYATbO{^aVH$CJGT6*;JniA(VHxIzcAv;pDe7}?Y^u2%}$phP11GjtXz
zG(|#0=edZ)7Rw0gvQ{`;D54Xm=o{2ifKgR6$IN^iI+gIAK2;UCtQyI~Pov~eOKQ#=
z5xZPFP%b}E52DW-i|F_$QZgB|z}FJmnV{E2jj6)+9h4i`L`W>hDeXONH)2WmCJHHy
zHlD{fh^fZmJnKA#wi?-|Ba}mW(acQp2c$SjMh$~NM#gBgu_C1R3hGXBtDZ_Zvu40
z0Ii^mBOZU=)pRyzeu0R$SVVe6k6F6keuhS_ppXk~U>@-43m8|%^z1D!yEf_2#s5O
zwdPiSq%K9!!Yk=HKppu<^}jj>x+D?F$o^=n6jJAI*yuo%tjodnpqC-ukP$lvJDWXB
zS_14JXrA@rra0C_yw&i;jrk>Mqp(reuTmv4GEsEKF_X+NGoH-q@>bD?#E6Y)x$5+O
zk>Ymd<~xneu7fR+MMdQ4Uwl#03ySj2a~20sQR~B(5fGxz5KYST0Yez7CgIgVaQWU{s*b|hmV?
z6;lg}*E&2u$HK+8ldPr1^k27eajA)qe$O2^wjDv4k<*cc>;
zHp;%Kp~lgX)w3)QS1U}73YcrMq9xzZ03S)~eXS;Gq;68tjyM=Htm9P++14
z7l3WI6lWVWsB}xLr)?avyt$SeFJOISmGUh^Rn~EK0g-xVWQi(})@cV0y;+fHd$mq9Z`M#r}|0{GGJLypJokc2MWA>?J
zSezDPE(E@`nzG%Lc~?e)USZaO>_y^v3IpNiq#!OWa91}aJb+iH2ZSVY-hp
z{xe}a`Ow@#_pg~)>&rbkRvQ}!7FIdyIJ96*&p{P`)^^6edFF;LewEu^FeNQq8X6i@
z@5b1I2{%m7x!;IM<$+{?WJI@+$u;fCkVofZ)ytWraAzY>V*H^mnG|V7PcaiPE%*f2|;qLnG
zf|=RTHl2705|J37wx$Tkki@6oGEQ%3jiln447#x6ao#|qO1rxOW;$tA#`$O~;RYTmCZax;*ut7<*2RT3Nm?ozDyjN{wG+mnWGWwM!mnap
zJC>+qjUyfkRWV&Mgd6twbd$mwlYT@8!C1U(_tBMARa3IE)p_C1QKcS_N&fXT)aA^M
z)C$t_cBNGpvFgF$PX@`{9_%3cWBzxMd6vq77}(_{PsJ%}0JZc|?M@ryug`j
zY_L>O^#5u^r_9nmscrK-!Vye?bCZKz}BX%J`ok$iK~4
zhj%VKZ&LDckQMkPI#>nn8@j$jS1eRMj}R@Y{OPd?6&w1oGm3&|^V>Rj%4qdi;6ILp
zPgsh6+)555&FwGo@t3&4uGBQ(SV-;kVR3xNIC!blL7I9&kSYJXTiLp-6&SSgC644E
zfI?k&9d5UdabEv+>P+}3fo}|g)|8hBQ
zJRr7x%r{xH)uS|UCW3;3-a7c?DN+MF8>q~s%G7aRax1DJJ;B{&HoD|NIejY%eV(|y
z=fPLD;^sdQjwJtde`J5GyHVc|UEXOpQ2j&ezI#NgVT`@Ky^V##66H)A)O*VP)_Kk@7iUj-x0)5NH!M?Su#9B{h8L3H=vTU667$CIs_^
zT+oa$wG$pPfGEz%Q)}Ke;~V^0Jg>t{gCMGH?DGA#i-EJMKe?IJ+2>=t!jki0N
zfhJP>zEFw1ltXmPl$lUL+MS2+kIia&Mbb9Z+Fw~|+C5vNqfQLKNBZ9n7s#8F(Et^X
zW`X7XpZh%rOV%J-3g1WhIIULfZygM=A{3VI`>TE9!!81IezUur6@fA@(6~JYG7E5#
zGMB>=ps#q
zu0Ec>-uerc5X;Oax}9Hri`hYpaUXy{n$mL}#WYmUFHN#n7qu#UC{ku|T=!DPhXHjj
zKGymVFID`Pm(n8kR`$VW|G90CU>5U>n<%-c%lmBSmQ_0W;P?a;XJP(0_A1X?J9E9G
z%-uL$AuT~k%0$gXQ-dpI4x-{D)36M0w+Xzp4a&@wet%Ep)q}I`m7KDxG93=pS(f3&
z@G6nwp(+=0GHbQ@X-~Vd6J`R7vG0qYuugo1`^=gQYYN8dAYMjkqsNHg}p1S
zMN56mP}UnJLF-4sL8=+QFAn5gTsli`;Psstha-|PSN<-kp=2V;$9`Yz>l;^?V;Qp`
zQo1Cah<`%OAdh)I2uMg|B^JiGbhA3`lDYuCn6A0tiH2n7bz7bCosA1lW|GEbv7i}C
zU-Q?;k$A%+opkx^K6IK<4C(RQ<0kdNv7L!Cr2`1?=-ZKvdzQcc)Y-3IeF$;DW0dj-
zU5&!^eLTxR4(Zu$W$mx1}U96qYb0-hR
zwUYQQU+HZomyQ?=E^X(V*=6!sK0VQ?!7Z!1N1oUzK|SI!yWPBz
zsj+&uzYK0n-u;%(`+P01{Vc7>({^=CsHuoH`=OhVp`hOTMc6-iEb4
zjPrg;{FwQSw6-jN;XQmhOJ42|F&{Not>o
z6e1@h(nk$!>#LCRtY~nz1$`C2h?+?}DJj@ls?AJVRo7NmkIg`{v^2oXUe+|Ewncnw
zVq>Y7q9!YE{8^@$bzX_5?Qc1v7o0c2D6XVcy~L;o=eh}*T|rGpUU;;AH#QXb)$x*X
z!HA}cHwsF^LTTw*m}d0-4oN7#dd1c_(t|miHrWmAxknf*{^zCr>hC%Q}*YA;B2mXmWTj!h?5*%_nWoC
zaW#6qmc!KV(Lvt{FTsJfnP-gy7DylN{pLZM6b79J^SE^JZ@|nXBfwI>OV9vgvQ=C2
zCy)_rk^|w85NujlB)Ati0PRZSeB_YM^zPGTirTHkHd0-K0t1Sku^+qmS`i7>(VwAS
zO#MvxDDar4XJY&~=WrKY@q1CIkOYkiyrL=DX-s=D?F#xOgRf^t*tiLv65FJLNU()(
zx4i}|$reKxrUTDqya4G+JG#}Ly*P}vXpoj=#yWo|1W+vX0DXY;O0gbTE}Bm3^1S-q
z4zjwYV*JIf@p%HJwWFkNSVV}_H(U59j1z9;BpbMaxLX=Nrv__(L)3(L>AO2#!yc-{
zHY*(;{gadgG@D%e-Kr{aQzP4MONrLfnO;OWR$3YnX4dij-pO`Z
z1NS6WSzF~;Pjf{D1&h=yXMI(78{5>dAf(v2mV%0tS$H$ljMTG=f|@I4WYrXugB?^|
zZSD9i(?cv3!eo0;X;!-TydA}Qy2cCshA3k890L5ElZ-hXBxn{;YkZ>&MuV=TG+~k-
zx3G;W&O25=lMtBZe*UmV0hox8n_b{W;S|n9n0OZ&*K@->;orf`eXTa`VC|<%wB_hpJZC%H?UAl7c4cp}`q4
zv#GtP%WR(?b4+3aH{GYXb__BpftbRe=M*&&9fbstp9!bk9y6XWcP;)sQJ1$vE6%dI
zhf!NVG`zk{Ql8g9I<(kFl}MLh;-+z=)iOY4Cc0vw{l^Kz@CJ=SxSeruI?@%jv$B4=
zbVq0zE3ei4x@;WD&U&-!r6=GEGPxR;_kjVUkB)v{#VM5Q$`Vf&_dRC-<7INqtM3J;
z%93UqgEV`K!{yc>OY!t+Q2;4};_dvk5!A(|I~Itn`2BJJ>D0+H6irP>yUXK+H9a5^
z^LT6T!t&>JIf$?5rP%4+aJnF@`308SW}W;5iZB(N0!w
z_jEFhUfIkI_|O}w_K5v8YFO;Usee6M?4em!cB1*%JT2CxD*{1X_LnndF;+k&=h$Ge
z+#@$(9)wF}cFL1QmRDZ*7~v4l!LckASokxu$#Hu+oxBFItI?G*B(0qTkbY|*-J@Wr7P_~4as&{$$Ay(CNIMRL(b2#+u+@;j{cscA77OP8o&Z|e
z;N@_YRR+&C!xk|(%tn5c=HXv~#t^RY9Wpz>ATHTs16$eB;CCGQ6DZ_3Lm_X6usx!j
zwDix#_R?K6-ORX>5B2KoB@`dw^oOjF>jDCf<+61(mRnhAY4{qqyTBbqWkqv4e+Gg-
zv1fTExZkY{I|!NoP&9br1lyNq(bC>rEsO|dPQKOI+sHU`xXPJ>o|u`QsY@h2g;|g(
zC?Ko0SwePgiDNDoVNO(3Q+XSk0kJB!#upm*3#`H
z!&_0<)vQv<;<&0*7@?x%drM!gsf>ATpx*j|kgN^9^;TvS#XTXhdjy9>7iR3ZsfwZ9rt`>W5!MQikfglf7r;Z5M*Mw
zY^vMV4UjfFT!RagXMb8JxStei$J10&TA4ASfj`r}-0c1!jHk>(N8jXXUY(!c8)>A_
z7~qRWuYNe}BH^mcAr-9KSf+3#=~$1sXh)1!#Y8OC5Yb4}>-+{iWj~&@UhkvTe)-FP
zGJ>LdBVpDLH?T@L?2tVJ?0dhyL+OKV7&
z3*N8)7cYK}2BV1iwgTKQ`k|VAJ6^i>^Dd*uZ@9v;rQ7E<=P1~*u)2_=eNAP~J(Rb5>A-*vIg
ztWS|-71Fztd?7U;XvfC^46UuTJ)1KTB_yiYRRsmx=s913ha~(Q^}&INEo#L~l_aMu
zQ0Bd@@g!1s6KTAWVtibI!4B
z3mz5~3lh
zgOhhjXs-%ScU0F_Hdc32mK6nSCLWdFjO(!aDP@g^cQXpLd&zh%q+#i6w)#L3E+~qkxwXSq6l>(<(jA@M
zud_eA&)YiKFRbPdG<{qMc&?S&DEgcQ&1HavIZP8*^K{#C>Z~KAfB?_b8ZYVc)L^-H
z7UptDBI#~ze?(&iY1!;~U(QZqvQ6z+C+p~gj(M{|(aYvWw
zOg1@0X=RRS+}7dWYW!h4?fBC$=1jRO_x@qsP5;5V-)elv(n&<>5e*6&vu(^*!NlD&
zv$`4u=xI#&4`S}UxR}{}r+8O>5h)uJx?G1=cV~ENS~b#3gs>Bu`&99%t4b4&M1`BedgAJa*bSel(W@b=7{fNp#nd+{=sMAl%
zaxGD%rFD%y)LE)DA~D>S+eEjM$EcaS%aVlnogkp%`q5ETATo@y`4y$g6_jy}GfF8#
z4wE628bBko7$CyH>0muy=GCtoGma}gH)&&^z;E(|wBK$vCbqqU)y2J8rUN~$xJpZH
zsKe#~MSELNG02Abr45aF9xGJ?
zFw_s8c@{{BM$yexb!nK{0c^{>DoAA*MsyO%(ciqJvrm4TAunlCi98&9a|>XZ$jh%B
zX8!S*?cMfE3GGfqSnt{$o@1sds@!mXz`S(1No76JARgS454h!}_^R)@L?$Mu(r@(>
z4*kGWPld^5$Eac`-9vL&kMI(U`TV>)ODzmcxKFY=tDE79G(0M5iq;n;IrF!R?Ky~2
zY$8QTm5xWV?EKI7NB5Y%tMZxsGeCeVF?tu`SJLA%K6|vapT|DU!N6`P)K~qu{n^^9
zt`H2lv|LUOIf9m_hqd$XSKE`dgrZ2BPp@Ll(UZhPUq{-7Hc|e;?e9>Vj-iv1GT~8S
zVNxP8h~?-vaqljwNxTeWN97zd6~guzlEFV>^eFUmk_-IS%_XBo^gaL
zdblMcoeIOfiST?=(&}if%9cTydSdUPN|~TW0CEG`wM$IfSSh@c!Np>!NJ&j?N`3)o
zTUh~IYg@qh9+0l|*p-fi_)EFAL{h^wdWvBj6p>?qgsIqUx@^7DkM#pE9|^w*4ECRt
z)+IMqHU^bih=9n@ZWnVOTj6M>rfFfRwk2eL3!pxOJUm=Hf!S)fH~1wX
zElv07lbARo$ceM?WfhZOXfVTDNx0Owgel|s2j3B96~|0WP9n(Qg^iD`O2SZp_1@oBRr6GJ-CYjO-ZIEK-kAlZtJpk|90h5Hb^b1kqAL
zGFCWQM;W>5XEk2^q6^asThp}EH*i_UhT@^|$#k^Dd8EL=SVCgSsfOs_=aoCHYsaA>-AG!;eD8g)bi16<
zX&bE+(%A8MTB@>+o_Owwjp5I5*y%ea5szML=#K&db{#B#BVdwV&Ys*?E^jgD_1fIF
z{UIU%IZ}NKh`ULi(-~YJDP)+pN9u*A_W~as%Rp5Bbd^1mSzZ}&7e{BE$8_v+T&+sI
z(V>~)x-rw*$#}!>wK8U;AX=^2rt?_3C_SK=cEvb8*jIcU*jRwQGLzZ!I-Kmb>AWj$
zu7r{)j@tqsi^Kb%mEylieI!`2_s)+7K5^*k)c4?4vcv7gFK925c0FSK_
zmAbNzD4!3xXhq#wV@YLY+~7p|#Kgo}d>J6kr19Cp0wM{|Pn~#g
z)UCl>kEc5jz>R5#h8?p!KU<0<3lbt>vULwd=7orFLo<`|1}6Z0Qs0HCeDY}0wN|;putm4P
z_c3Ol_8u6m!e<@A(-r)rCoo6%K@-DnxOMz4u_9l}$Te4whsF}#y}kTH^~
zx%p^$+D5A29q*#5&$eczW=@-%TPm-$53mkyC(ml)q_+}E&Hq{IG3Qw)c2SZ__)b|(
zFFQH$;|mQ~;Nja`Ck{}hJv`D9k|2i4V2A@HWp)o?;A}0}RXdM}4HL!hD%FK)1+PfP
zyBNWJkALR?7J!-v-`%0wS8BN&d&B8ntaY>T@iXA)Z+xX9BbtOKR?Q!1@{`2K%sTt!
zwAz!}+&qPgd#b!5|7Mrmm>wqpeX$^Xl!={h3&0qQuAl|oJh0=e&_BsT7~KE7wC=C}
z>eBzIQd|93!sdTs;eY{g|2wVaE>gZ~L*#v{ei3C1iSzJ-xc;BN-R}<1TZYmEk39d~
zc{(+5cpsXyvna_qB@WshFFVgOnM2|cwh%8NIce1LG#dsGFHk~&gk3c%B4bR)cydgr@sZi4i$!ifcGVP)I32Vu(H8W5m5P-6
z5ABQ{lbzC|lqZ>4Zy~C3JCV<&@9%qXFIP;{L!q^Vnz25a0mCDudXS#I4qLy&v2%1*
zu9)UOa)3BUVm*&*I@CYipuVzM1SSz8m6Oa5uh&f+xpMl*WCVjhhP)Ay<
zgWWb9hJN+l#qItK@G`X^42}UijYn6eG>!eaL>Vx-f6J3}G*%$QpA%Du<;1;&Y=F7B
z*=J{A;CytcIbrad7GwtVB_ei*Akp{C4muJebR^q$j~O`?&zd0%5z%3oF4?~Heu86Z
zp($|GIFIsm`J0O|%1?DpYxWlSRA~%clk1VwH?ENuc*u-*Ii62=p>LeJ*6cZ(7HJMl
zOJ?*b623Sm~|>B$%n`fvTL=uhN@+wq{n=E4dSK96qjkNZPhI3WnpEW
zt2^vpz$f?82?uDZzJVFCBe+mH`*U&?@ilkuVq~sU0VZ8&b%Ef
zt*64iCDECCM|VPqYGoK2ZWW5YAP%M)R{Vch2Zdb=tAc!CCRV2@Gk+x#x(H{E
zKXday)`9sCE8@T=!jtJSe{N!d*{rzCZv0h*rMKySJs+
znK%6-!v^=^$_h0n6){j=kzQAV-7}Wa&*2l@yPxLgTfG68@B2?)3T1Fl_>mvy)?GX0
ztz;iP^S$r<=a1KBIon$I9|IYxwc*&$%kTOd~KZxDrb$MtDa#Wg2Ca7Lu2t8A_Jsw8qDK!((~W
zJ6YjNUL<8qLJQ$C$6wD)3t4&kwW4EVxTKDi3SV}{yw#jnb#)cCXSLSZm{L7=4Y-`-
z`$By%8^z!Z_Da3BOsT!c$gYXjH`(e%M}z1tae1-gV~0L#VQs8JSDh@cA_>gTvN+5u
zsrh*A9udq@TuKnaqH!H3+Vw8Mam!9kot&JQVaN)`5+UWCpp|=kLr^RB;x~-Q73z}2
zLqrgXeKwOmi=xXp%L*dQ*?=u28{&;v)pN9$5%Pg^&xVEE)bfjYGq5Yl`&!TR6VX5N
z^R_CWyga(;A<9PTm-0pPB=L~JGCA(%B?nz#*^f^0SwZltZ+Uh{#l(*%E?L97VGeeRZY*x4D!9eaU_m}mstlzf!0gj6KluCPV)>jrA%h9
zpt@^fVRVLncx-4!n14({u{m}(4H@)FC3~38l1?Pw#Q_C`@z30cLfYxsWg-j_zXRn
zR=kD4$k_)yzlDi|a8;ob1(cOo^o%k-eRG#1OBxw0)n-C@Hou<3v`}ceevpHlo={Fa
z3av}N6YkQf5+wcd#-bGaNPb!En=Q4JrNeD{b!8Xq)4JosnzjH*;?g_td5?RwTyyQI
zgcd)$Cx9y$&BOi`=GWfXj^GHAxE5bZqi^5qE@D#`?MLHQ(({T(NRypK+=e{3#v`k4
zTv;PupcfC%2LVB)V;xlv@yNG1KtwVwNTA0H8v*ljn#1(!CCSLd?ZN#tn(4K=bo99HAy@W3o&DFP-!q}F+YYh
z+Z8Yh2g8fPk1x5Gz!00#fM}(vy}nPaARQZ~V{NRf;|7eb(6vgE+ByLgoTDXW$4CFD
zb><%=#Yj+B+)d7=>-oT)Yk-R)zOv&%Pfjf?`SR!W$KY|%9MA3)h9sWx@$o%ctGj5E
ze9ccXCs=8{i;)sMMnBJiGkDmqwBntWvX;$ZMIe_t{kyOIgBir^M=53b!+t@9ozcm0
z+71KolwsAHu>UtP50VG?iUSRqh+4MAV}?IM+6y
z!CnZ#U`UhqWwMfnf=ybJF&q*nY5U|$lZl|Vuxow4lOYo=8W
z&msRTOr*)n#|8hlDaE9UPNTi0&8qBmUj30FQbkIzgRYRbWrJ}UMA`3R-)vtus_pst
zp2m-RD^=gge`xr3G;cAuiV}y^Rc;1~E`Pe=LU;3FKYM6uh7`{ZwTlzxBQCt@4DAQ4
zLJ_@F*IGmn3K#TG-nKYL4UuTA
zYJ)T&3pWZcA|6{@=Ex8o2Xx+Y
zR)#InD=_VE>*%!qIy$0MdtY6N?hQ&SbpaTJ^U;SlR-nP?`Y$&XF1l~6rIu%XjLXGId}nE^cV&R+hC8lSIYjMv8RwNTP&)`&CAqA%E$f}Bp32DhnYvkLE*}F>tmZ#QqF9z
zfr`o_NX@egjW=LQ2Ze>`D!IfiwP7bp-3_xhZLms7<;`@&*Y_O?ZCaE;^tKIhA%DbW
ztOdXNrJ;+l#!<4a`FnMuaJYgLH#LQgx%oV+N1wxhV;d(*k<&fMi1Dw+uX59UmU^)G
zGm6Rf6up~spQ0L12-ZnV!EG61MG9?ru9(^mVt{=$j&Kjj+lfX?kH&t;l4L#(pz`49
zI(p2K3W1Y}7034Xa_6YnWq?4*0NaI%)WIj%eUK3_?zSOIi3hUDDpBQo>&rCkzQ`a1*BkI!-b&o}*smnEdjY2Fo8p-}-2
z{AZ^@ojXyJ!Ra8KlF|wsEqc*gunI6mMg>06NygR%7fFBoGw<=1DIkVKESaAbCL
z4^4}5OCHR|W=F%PjAhcKZ62K*Ec4@Zct}mye)xGd8J+mF`>=Gm#*PHV-JKm2#aUc=
z+p3VtTqyT@R#QmzmyYLQh;>1!#F@P?M;AQa4#&A2n9WEX2g&llw^3@Qr6z+xlAD>P
zhPBVV9hNOi`uTR>BW2I++7^K8@qh)5Yvxj;&5z=WnddqFm9rXMyVY1ljO6
z9l);adB{s}S;BY)M1HHA1kBE!U6;mf%E%*-`C^YKB-VdY-tSKTi9;O-fI9!U>6{sk
z`g~SAFvgK{yX=fogSWP^KFhp!nZj$o%(}eSLnj+dw#Rcz0Q}kQ
z!2@-zKikj6VPJ9hfcLls(n!f
zxfNu?Y7&!@wPwA5u`xuL)J!c6&EBsa@zC8i177^~t+^c~gd70F%Qc(i(#AKyv_$ma
zpoP*SmCvm>saj?K*eJCRl-VSv1W@RCXFbKq?YZuvgIH(Hn+Z`R7UBNAgx
zpv`4+#o3DEe98Alj5rr!jrP={Cw)Vh|3zd5^ldzgBQoJbb*QN4dOkA-7!FBe=E&7*
z{-v&K_rd;_iX=|X4xCq<(grE&ee-aaxi=>23GR|aFAakl{>PKk%+_?W0Enq_^_IXU}Av5ilo&-~aE*@q*qlN5qv-IKNS9X6N+Z6sCu4&hd7VOdS!d9=GZ
zraW$@@HybC@gL`Avv7}$XkR|-w@eEBOEjt%&sUN;z7O(fSqk#c%LHV|*W67Od;D}OFaK5=_Gy}dRUYp5Ct2=Ze!
zlkB^{8rvHWh1}XTMP0YIS#EhsvEoaH_X`{9*iN&%xU~
zwvz$mhA!L$wf|)81AXp4H(o~|?|(ps^jn&jP~GaWzzFhd9ciw7=re5%RZRP?e@r9Y
z=|y*Z9A_VoeDZf20!l&b%*Gy(#QEQjMGjraC!|ojo(%w#(MSVxR8ah)KKCCP(Vn`g
zFB`-CZz~y#BkzgPvN_M=6UX}1v8{_8VG}DXsQj5V$M&cp{kFDMe{J#@`X?Dgy=uHctJFfRVOG%rfDcIf4iYH1h#4dv
z&-e|lgy@Xv7M0>N)ZXxy2mN!e
zRXQ@<;3tf|88duylU4l|8mX~-y=?imOGiLb56XjuJ0z?3Ld5(KiJ3M~s`)nfDq!9G
zC56`YhM{3Pgq;NX^MHg=$bIm22cHp)-s_$!FK98EM9WlzS&#JK_4VdHqd-(yYEC5&;zT@0Rn=blC_3wHVYfF1XXDZF}*
zDfPAAP+hmcR~_azO}i*>>^a+x^swi86(wmv?dOn-)t#+DjX`%rNR@&T@Zy34K
zyN|63Hmf~Xrfj`K#RR}L?igWLTavH0zpNAo9HSN)3`Ec~0YlhEi=mlsf^DRS73;lL
z*DpyzxvwMD6og9GY-7CMvy71Ul-|!|7sk*Mxw7#-wn;Z1#M{_Tg9-KMTjh$3TW*;Phui|2ksC2;$hBq(?=_Zkj7j@MHGo%&1{r=(=M0iTI{KQBoX9n$`
z>2kdEt22uiw}#tzS>oP5dI6+>tJ~LqqH9NvG}MO@sTtQ%XDgu>n)y6fh~uB`vk5c`
z)cyYbyQ>P(%kh7jOThE~MU%So2!%^i&OY`$iKcxKJ&u248&zw`2b}
z{^}>=`ALq|efCi`s=qOlV9KD=dec*;0t`gL<8sjNws7
z%oD9A_lY3XJ3Asw#g9{Mjr=%CaI`(YEGb23VZ#v=n_O$KdvAI+>Jsr;Pr31bfDywL
z5R3%@sWc*MZPPFJ;XGJU6`VhPa{^C8EvLLHf6Rdqlhb}WoXPi0Vfgf3!HU&%>C5j7
zj5)d8Rm&l0@LAR()|39TK+wzVyY9HRWg9QhY`1K$N`+)Mw|3(;6C)7)>Ao8W#>4T+
z?@TyrcaUR0aBFK2hmZ=FRxXJq94>reE5`riuu{hdrB<2B37zKk{gMl3L$c^NZMrA-
z<79aG_TXHr+h-w@OUVrAEY6RSYo+!$uI2-gy%F!{z~^&uTW=ezFGBbpdzrjh^^9p!
z^ViyfBL)kuJwL+zh$kQIY}mapP4=L%=5JU
z{^55Wy)&9P_Ud*#XRdE<=#$(r%6^@)%-7S->(ci?nB{0iJ(s-Aeo;hHB>Qaslvy-c
z#xIFc+TgPM?3H5OLsg>C;?=`b_4f2Lbbg-d#0Hn19*MQ);zE=4Wbr7jNG^-lX6?|f
zjD)AiMcX`aqwvFvgW^i>mL|i*!{aJ9P^m~RgEP?RT2Ao2?$wI^$0e|m9&!KmoB8t`
zonWNk(@=ABJ+WVSjFbCGtbfb2HC0Cr4wraT8mo0rJcZnv-m_JzQeu^t!#e7Ygj@!@
z`RkmyC9~!3+)%-d92otO&?0rv0HJPM*_D>_?`^8Q|AjS~%WkYds
z@sci325BjOZB5(v@5NULQk}gDc&c9x+g6BvQvy$+JeHqQ?n>df>ue=vJDz->w;&wf
zIPvc`+xMPHehjV?{qi)|UYkDO;7#v)f_k={dMo0B_>b^@h64OoL;jL<1oCZA%ithd
z#fn{T$C7`?bxji)Zv9AJ_+SGXrpn5dwIV$%cpbxvIiyDkVtx*cZe9;uyPldHdPKIH
z2h6DkD0!K`zhsRyzoMch{oD4CM|8Rpv}70bwo0@t&FL)95-UlY@`BItPcIl6)=A*N
zC7PNhN5U2Y9>lF
zkv<-ey6#Wm{YUIO;N8Mja{Gp`uMN((+Kp}cOYrlS(EUcQ5mUY#S*}D2zJg4}c=+vG
zob+bjxb#HjZ?5SX)bH=X2=xfN1~K0m-!7io)zzh&JIoIzGPJme8h%$%TvMXEA8?&R
zxbZb+Ok2p;p^73Br?31;7+Py~3X4^0Fi;EguVXq<_x0uWkK>aQI9*EdO6YuE=uKru
z$`iM+-n9E8I;fcZZPIQvvP`nViwGP%T>j%9->8w7a9=CmK6p$y8knW3)@>7yRzRmW}L
zs%)?(_D>rc^5ZT
zt61T>*=qAZTp#S-!Koxevh$nl-Y4eY&^&+O`L&rwPcO8U3;WD_4DDKu3(;mY_%p|6
znAGp$A%zKi09f@)xL%V*NH4(LDP(7D#yRmEjek@tio7pbtPfpoe{7B}>r`aYj*k?Q
zzu^hKeg_I{>o$c;ZaJ;e*Aixv5fib#7|0zl|GR8yXB%wNW9Xyt`3w{}D2ZQCk@J~T}W>7G*!QK*tw-M~j
zS!02>9O`>01En?!bdvD+cf}BKT&^c(%fUta`}-}aCtA-&fBS7y7ZX69q0-089CoNx
z=}xlcV{+GR9&f4DrWQ6Peu=S~`Zijqx%MW84b7zuI_fwPG?sL-vP`AcHgwgT`Ovt2
zS-k8dI!?9G@u%qled!3|)*%rci7N6YP)drp7na$UDXB?mabJonO;W=~C^@?2Ds^2X
ziz_XMTpH?ROV5Eiaz>izDV%SMqlKS9Vz}~G$EN$Xsx$-9VjG&BCyo#Uqbv5uR$?Cg
zCdX%j4TqEl1;htfB1e)uRU*yqHiN=N{C`MOmLqCivNixt52`2|tBV!Eng>j$JePeW
z%qQWqZLT{D2^5V?TK;xm2d;nqZ{IV=LoCG3&!NI7#yl*0pu}h}`*V1ZfnmkUyMT!+
zHY1#T)SeROsn#OHJ$=ig%*CNfscZH>q0|!f`C5m~_21pPRiAT!0h22I$7$*ue{uR9
z7H5%}2g0b?-iXFT`0g<#;TwL+Sez-hmwek8T@{s683(k7Xq{G7o=oR7Iwf|-iDKzO
z585qEqcV^U8ntM73@la?8i2+DA3)ojb!kz*_2KzA7$$Cv#c*u%%onF3G9EwD=kDWm
znsydvXVV-b2J5AA!jJ^lOf|TIvYE&t1)i;kdz~7_0q&Tzhmxcs4{JUTD%4)7j0tU*
zYe|-7pTk1FAeN|$4m?aEudM;|H2$T0BuKZUe;GPhtpj7d8r3$H&4}`@>_==}l1mM(
zqjR43HILUJ?Qt+v6W4ikbF{$s1BnfDP8iLNW+Okf-Qo*%s%>#T{6W>fZ?$0z2IWNQ
zgqPhoBy6qm1n5D-ik?K)xg#O?SW})Lt6ZtBz;V>-TGj@~un0Lj4zBz0;<6~`Is5Y^
zoATk=4NffE7A2sYMYd}-W;T1@^4F&F0_ufso?=7)gpJ^#-L(-=k@bk-*Q9s57@)~^
zGKr485F0Kgjjh16FfDM4F!2L_$}gcgT@kKeb#{F53j$@r`N4$1pBZ=8K{`Uq5Otqp
zX3}`$37V+V7K5H#LYfJJvNAB15KY=5DnkGoj1h8c{9jKfDk{r(_>daT_2KM7OKp!uU!}L1WBi~&rB&%$^&*H{qubx|
z497LIM$-t@qujoxWwZ3ye&Zj{6vu&2AXQ2{wYJ4q2$~cUx#NV!*Uy#8c+p&b%-v>pyn30WwE6^t0eRm?VtpOM?p5;v%*WtEdrwL(X
z&E=Zmyk
zf`V!+7LlQ5Ms8@%%O_G8!s1NwNU=C1BuphZ;gk4lJHLzlxXk-`ON5SrMNt)z;f#Zs
z8aGLAz0G2M0q~3JCbGqpV<%;vuIN3v6K8U@_GfQQ7iF$`4UhZiOqQw@nLXEOyV-WZ
z<&^U1j&|Q_Nt|BifW@;eSpUVk+u!n#0kTXWA4Vz~8V-uz
z?6{nRN2^1WkOF!$%Zka!*i=+h?221PBA@i~55FqXZzDpBO)9gJWmO%DC^BNfi4obl
z>&FXGD(u3YFi2YvsN2ghVWIbDKK4k5g)!iN(U$IBi?$BGJFqY3UEAa*4rkQ;&b}JFq?)
z-8gf$T(ZoI5!#)c@LDGY#|ol7etJm8ntw!>v%6^0tU;*y_J|0MN6e)p
zbi-pgUVvCmSLpgp+{3~Qqw`VPh^reEQ2&XOWFI-aLK%qZWJEgowi
z-n%0g6eO7TYc2RlB1g2eXZKAXJji@0`|K8V|0XsOoMrG?M+HC{rH!%?lub$91&E-%
zi(hPR`CR9+^a?qWcUG5fI3&gl#5yy}HvgNdr>3Q)5}g^Na8rY+h-+$YhCSDh+FU#(
zH$N5!-l+c^rSo6T3s%T$fd%${jX1<>2@LIA@#soA?WQ>CeD5CK*q9q2qs@Z}kKt&P
zfAJ9}VM%2B8}=%?SV}0p&M0HGo*S|(*53@zGOeI%!Ylg&-%(Y%DXkzR&=!08NzYhU
zQK9y?T0;55<%o)LZ`aaTozSeMnyo4eTJ~AU@xN=>hhk
z`Cn1gKvqt&m3vEp{H_fV|Qa^nSo^~D6aT2jsP~v|6s)bH_$&s#l
z`iX62$sQguG~I~gtU#eiIOntGu?25{${Yt5c96LR!DD_R8*t{9lsW2fZDl10kA@+t
zjyI=xKvij;jf|p|R8;G!0cTmu=|U`BKhJho?|UKEcW7h$YJ3i45H|dC3-u8a5B1k-
z1uz<6bbKOmtXwz^F*m^m05`%Qcg?C$)Ktq-PR}&d&s^BiAuu>O%}c98`r`%PVkwB)
zbU%UnaJ|zKzcl)PBInioGumLrU
znp%S$u`>F(UHU6(n^Q1R*<`<8S>J;iSKv%%FIkT#+D}noXJAm`-g((>7myc`+SpDK
z+4Z23pnp!gYaK!3YztD3h>n4*;;ue(^qpwAUwvboUmOE`@@dqyDGv7H*Ifz;896)U
zXXr{`qMvGa8SG*qWn`QaexdHC$R(xfo*+ZXg6X~PwTfuR!0v6w_)*uKV{SCq*cKfR
z7M6SD6;zp#wAfXaSUp_w6BV0DKQ}Sjlek4wHz_z!58-Sw7jU&WM2P&Av}|Y`>fo*5
z8`s>p-Nstud299N4oX`4?}RxIKD$y|oEfUNy#|f~M1TRth4U(`SK3D87S>L>&hAnc
zn&RT(s`yvi;S;;O{7ZJPcB_bfFIZrqyKpNaPi-w(SNV`|u_}Q0)@dhssGa
zxi(Z?OuH(hGfqYg!2jY`7p@7@NZ+F~N#OGaFQiOteNNDKHXha1KTg)|>jtVQC=Q>=
zCjD4pV)*H$8?N{2(`x&gnoj!>0M_U-76X0We~3zf*?D2w&pSWHbva$CwwrgpIb5j3
z?u%gId>}bocJd}_?z%kec_a8_6bcr5uLijAcMJJOjfB>xb=j-hE}f;pl3)sxdc}a(
zq)~hCUCFyqZj!=bN#@S4PMlNVr9-)i56k5szC$8oI+w@&sh}(#-FdPx4=}Jm*#Ir9
zsdjtkViAiDV;#OJp@?Rm#kKvAu$AUm9$}jwIrH!lqn_+j?(wf7lYBwL+bHE-itaqV
zCwOo3Ja0_z=g&?(k7{N%^I&%%Z6J%G(eg{(mrDi-a>f+w*AN(=`=w
z%=LE==g9k4mm+9$Wb8S)B8nlQ@KQn3wO>DB^i;8{sfJni-9V80meY-DN%kg278zwy
zM=58-{bp&$`XO4lFIw=6-5&PQN>jxqKPZ;!s^tjgO@h7}8B()jQi;REAnIGDyms8K
z$r)DYV#e-n>XG{HY)Lnk(}VIgfEFY3mll3iWxkro8q5r!&IbSK{x~TOjvf?_oO?NA
z;`gj98mjwAs!&%7)E1X0%AN9Pt4M5Jwetl?-6Ae+ayfx*IOxsw7wI!Iu0BV6usaNR
zrn^WzGwo_Li{&rd*D^16$K~G_9m(}N%{SG%f|+5YZ=CsY3AQZd6Sh~RyE|{^`ctyz
zi)&$p`aC~UTMHQl(-%3x_|c<((0B4REYy(7ZB
znv-C?k3OROv@M$ANc`HXgfQHeIB+dvkz*^DUidirWOqK#xY=-v!Xy-hX55z=9@Q6fa^p8+Bt{h7lEXYYJB{0S;H
z6b~~Pf;8UT8z)l?p6V-~$X>VTL9(Ju4@%=yQ<14&xItYkH&g<6XmsFtz06
z1ckTs83qhOn8r@uZ$pE9fD@s;skjBz$jeMc+g3bHO)dR4FhWm>NHdnq&s$Lf0R|yF
z9K5_5&FpNMaeG-A*)2H_>LSt3OzftT;RLWjr=z$D4l?iWOb?>|Rew`l
z-ky2&^rwk^UHHAfBe+!0%g0CfJTFC#uXx`Wew#D4VUBeDut}p%xnz*lOfG9^$dNGP
z)%Bw>N3g4%n&-IxJp`3TTR9mThH~i`;^^Xx0LBWYh1MEE?u>RzVo^V@`tET*QB{Ya
zn*nS5n;T*(vdZ!bbR1cz%kQ1;zMiE@HX2dG6eQtiz3tS@uw~#WUo5xC(uJS~uyXTL
z4E-I-jEK@4Qh?4CcSyLK9T;~z%q|uqga6j?zO#$Jde7T&4Aj8YqbqKx!8gg1(bVan
zkr9*a%dqK@YpH(eWZ+oK_V)IOxaJ96G&>lBpr%B{DnotdcxX`vx0X=jcdVK$HA
zTv6VX?;C{6eiazH4b)IFRBB_>NRLqQGez-#^R$q(v(o?>YWdq}swn&b
z`a^tCEGbsw8i`?VQ9ssn9i&31gkCaFTT=GVFi}To9YiAY}*=vn9qG2ZRCG+jNcniEu
z9$II3$#P`Mp#34AE2`QcjH<#bT5|jtxI-N-;zV%WlRM8+ctBi6X
z&rKAk{8G;D4q5im1=Cgu)|kvfO*UTsf(3Iv^FAlb4+szmK65QLaFRl>A8ceP!62Ut
zx{ffPIA;tU7yxm=ygKU67Xx>1qc~9>sQCA*{fgUUx#_q*7Sm0(1Lf)fpX;RA#TL_@
zhYQ+*y`k(ano2OvdP`Q5X!P|meT%IT(BbZVbKU%gZZr;b33TAVT4Ex6J4@c=oP6?r
zYy$aUXR8ClSJKTzpOJ}JjkjjXQrq{s4Nwt`B`A;ZZ!ZRC1&Deco!OuFzC91w&H4Ik
zAgT?eX5Bo0`MwEU*|w=Hv^hSO{A-eP6K|jfn#+lwm4@_M(`Ix`h>B
zTv2Cs(5hKiaVxK_c0qVlITT|V(+{C1{{jjhC*K*dKp_8`fe{i#Nkg?Z+P{8WU1NuW
zYPj#3%!fXiw49>(a4!F)?d|Q&s?Nr2ISBKluSD9B-66DZJU#AnA?u=jtZ0yB8svQPy3sW`XpvN%ToJs-qP}B+JQBuX!S_$p%K~^@qtOyZ+4OiQc`#4
z>l}Xu7mdrjM*H~anOP<_QmmL%vG(-0*M|{XgZ^VsAPT6Nx;gT@x&axkwwi*9PFLHu
z6lijG)daX(Hw0QYjvvKG$-~b*Y**)hm13Zw#Ifms;BI~hjWOh~n*^UC
zyg~(3gIPyC2a2*}pRA`tjiqszw2O}`&3t1z|Kq3Gtvc48ZGRKQ``OQu5d0%oJFV*F
zPViV8u|xE{BI|NhQlg)IV$d{F!y6R|>(E;KS?;HWwWX!QtHkbTifqaw>LW%wU`Qg*
z%e*Tpb|H$yb4@mAZ2Is@FKj=iKyjROXKOHYaVJB#r&$vPG8MM7tbO>`Q
z3w2kc#gq4H({)3%W1kIgq#5K{#K$jdToBdxJ7`1fYEegJQ0nf7xAgC-rR44?t`V_L
z4B*95CUAlTjEuuml}Q*n?^R!Q3ghJWpVr>JjyNA=YIYPqPvVZ;lzkcf19QQ5z+`b^
zvDwIk!46AT)oczezG9xmV^Yd=4OxxNAqu0?>$cC^cqE3-jSUS@=eSh(02
z7>e56Y1Nb)4pfSW1
z*0s*5W_*zIo&HTNaq9|ueP?Yv56vBmLe#?zgt^ksz6
zlP&?9otLJqd-;k-fTDQ8HYbl27E?SJ;}7HY_4bl{P?!`UU|u!R#7?EcrD6aHQJUcr
zk!e+TaR~JSHk)T*zcLk(q}L!F>Gk&m<#Y{Hyvq1*fiL-)1E`s3?PAjmO6<(K4U&w5
zMxI=RcYF^Z!hAfMagfG3R91A-(_x}!B1E2Pi+XGSU!bj7!Jbk*-0K#v&;)Q*5RSvH
zLA7%Fk=@E5mHv9!|Cg|7^^xl^)mK?9|5z2>^Xwduvkhq+9B?L)(FO5^wEyk_p*y2N*d~y%TSAMRKS~DGInx*&G4+BU-4Y6
z6BLjm#V)tnPWc_5`(mJAQNHjxorh#XHLcQ={Ua$+*D@vi|Cd0#aL(d(
zx?Uptb}=00lft{>vY{DOn@3X-VauR*^!b)NCx03bvuGy+HUdxjV#3bxPgTN?wG|^w05UQrDk>kFXz+KkAS!pw022m*`)wpa2PY>G6t1AO
z14WvA8$9j+!$P~=Y$Jrv-}FP->2L5*P#CHeRS_L9{k%)PvXfKQzk*pD+I2iJu~!CY
z!`T#lWODG1@%eV=>bQbSq@5k^B}t3uEHVcAN^%2bnUUt^3h}g(VG919&6wl+@>+wZHZnjfb&Z^CZX1-L!iq2bY9yVace^5FgE66CvT+|!3&O=1$T!J64Cy#Lpe
z$wB2Dd0Kx+Np;Pgh(&LkM32@_BTi<5g
zkMtIOM>G1N->ynQ0qJ^z0y7La(;!7*U-CWQEF%zJ0~wnGBo;@G|44xzMme*7@2UTtao~Uyt+uT6Bw4#HUV-uRY-s=X{mO)*EaD>;`_%H;=w}9s
zLi5oWd+b>>Zz}A%IaM_-)|CdeAu9;OG<8?G8~yg&NH(ebZ4^SrJw@zM^9(iFsRkt5DAd$5kPI8K
z2{P9yEm=)Z0Xi{SWr^$M5)4!GlA+aLiRyeao3c(Dn(JE{y1Xn7z#?c89W`@N^Ja4#
z$4^SG)5MZi&;|TFb+7peQKrsjKeWc+t3UKHG2*K?;bws!n-B-4vOf6|poW3a!V8ts
z)?R-dBX$=R)5~QRU1E`DyZQ3${H5tr9%^C~fx!E(KwCv;#bnt
z*od>dnX;+QBa^79umFto#AlfOHQ+eOz3GJj?Zv*+f1m-#C$9f^37*cMod(*T5R;hu
z3HKORehQ=<%BSgVwO%HL)F$eVdpzSKn=>5U39SmC!K|p5CsqbRwpKa*Q{cdb;LSq=DK9#kK{4!Zd0gV`OC;bPn3%HmSX!uF}N{?nC}ky02S
z`h`PGBRi+ka(?s8aTx=H#qm*wW;FsHXr7~fUWGCtVZOc|1OnB|=nhgpD5@HQUk8`a
zTN0+F5@@CJg6_WTo(4UyjI2Bd74ApIjflxuC@JZHjDbKeFE6$`Y=S-K&jL~1IB&CZ
z>BEG-Gr@X8}S#!T5R{Z$kcbd+Z2<`&5K|5eYQ|7*d6MZg+%
z*H_!2wS&J4UVgY9xb`C!^G&DkySjS%K)aC$!&J2ziTdb5x!KiR|Fs=Vj{p75JY%@p
zEsGS40_{m^dCoM}DZ^QQ<3OFX*n4}3@rDw7B)RUk?nLp*7?PG7drwY>Ja|KWCj0RC
z5H-5IK=(N@EQr`8EfX!H?g*BX9lISK8c!M{2oXnASGrxexB|IdP#E|}+sc}KMjL0@
zfH>M$E0TGfXK!sE{%*QN?Ba|J8w^?Q{K#}OBnv=!C#s{oK0137MAItKpDXp+0`B5h
z^YI|+O$3wBi-XoZc}ljZLXrP93tWi*aqYTG(e81OAqKyrK6&Hz&wnMQo?E2<^XGXv
zQX(Jwlag=A*XF}5d}1SSjKk?eCmbI&zV>=ULHug$-5V*$s7gTL9x)ou*-5$6317BA
z(N}COZI$%Xi!*$zFCu7QXS<(rk%IVYj)(%o;}X8?@8D)9(^68BlZk<`o@5j*DV^EU
zSc(0<_R-zTpac^Ar%`5S^Xw=6kp^B)cMN
z03Pn>A{v$(Juz%thm3-A50d1A)>A`Bv(C8S;2v(9>*2ZYzxO`kb~qGM3i)vVeBNTq
zN=;scb#rsqN=Yjv%6vGHL~cvN`?Zj2`+}Ngjg60ecw%W&$U-PAkZS+ulqB>&a)lY#
zfAqga!2ya=%bald&!!84Qj+O27SK=2W%WFsHPIDM&n!mZuSJ~
zu|;^-qU{D4dK~?&*z=Ex34RCBFhqQM=y)PwwKz9nE65mHWV61`e0ahxVg^R*Me)Q*
zGCI7O4*jlJ2{o8C%^oa`5{d?Ef|X^RISWl3#PpZQsd@5wF7Wh!%bwo<=I5Ck^S#dI
zzXpun|21F~N_OCOeUkhyUGhGlID=^@L{S^=BqzgK_~3-&G5B<E`;q_
zjFGRmP9J3f91PKE<%AKQ?afzIpc<(LBvI-NCmN*;bX-kO`1~^k_7rcXh<67xqsAZ9
zDShAG1bu`C(x17=2ZrE(I^Tlh`G>>M;7++i*29za&o4oqZL8(&y|WUvF*yu2f|DE5
zh&yOTe@Cuy0X#JFFNS@KvnUO2)r{vTen>Aq9xk7V>z@Wc@f#Wr!HB~2T6g{GhJgxd
zZN=5hZfb4ib8>N^pNnW=aB{J&asjvu3l0~+^e>Y%ybH)>0*2GHnUZuDnQe8aL4Nd7
z5D;dID~8$m@kR#rqbD1;E^&G>XlQ8hADWYBDZkb9G~zQd;$pOVyrtju_hCOnQ(|$*
zdXUjzDwJUHMtM%Yjs=LMD);2bYh;xXt(#r~A&mZTCZ8K$peq$|xlLXf|
z*s2I{Go$paxd6C=#&S%tmlhal_e69mPi{u`Opzr
znZqTIE97fLEsG68VP}H48(3EV`Cy|{
zTUW!vDL-F>U}1JsLI$`P$^4Aa>JpVzy}($|eje*1#?1
zF)ArqW4^NZHw;>;Rg@yQO5Tx$ts4?2r*+0@utB6?>8vkNI0L7+q?lizz2G6+ZUDZ5
zSP(Im#7Wrwn3{{r&S+Nxuhg>GvXtIRv+3}0HobwD8&*)=&oK?>F0y3%(BtE|dU2c3
zcIf?78Z(BZ=-l0~R;)So7f_H~i8D)0O-X6dz3nKf8-eC@
zh;jnE?t}M?LEawW&32Q8k|a$EsLiBBj}y}OwJbwjZc&y`U;bA`vz{hEV!GHkh&Hlr
z(Yfp338=8aRxyYo$!@^gpvpCV@j9atOjMm#L~oaFCM3
zet}QpxCkSbc`q95OiOjsErQz%&BwZ;b70kYA$SJP^x!ks4s%c&7*~QNM#cLTP+DZW`{?@@|Eyf
zlK}ss5AGcY8B17?V3sGoRwp%)tMa@E;?ZUi5%`5`YKYiu8IV{#eM&i=Wxbx-*>@Bg
z(6d_R&vpiFPWUHTj&|0BSZKB0We~k28V$h_hmnqQ#14bfWo&_JMwiFAjXo!z@kd)I
zL{YfzVr_bFltg1L24Oolf@;=&II8U)vgOLQ4Vd!!owAOSIip!>JoP^$VYM10
z<@HtxpERl=QWYQ}g!mTDA*sYy5M9Fqc-!d+dL)}o6~n;8EKhr()2dzYTAwF7v0vldp912
z>6upT$71hqkxkx@BfVd2I_|p5lJ|r`FmsN*@_v#L<
zHMgRN9328
z%9);<6w>`4xcN!4nqebG%IR5&$}8GVjBa-DVGg~gh-nU%?Sl%ZNHkfE7IL&@AeOmB
z1ZIl~Jz^SI^7g{vkBCbX#YxNA>e>oEL)GPN39%5@DR|*XZj5<*i(oyOw^HZ|bSw%7Ec1sIf8jvxAD*odBp
zW?Wig)s#m+B_1~-3w!H=1g^bn9J_we4W@2{U|4cDP_Q}%OOCdpLO^7c(vy
z;Ob~AYR6|86cpZ*=hcv|&C~r+>E$~p(^5NY!NJA-Y4*me616`#o7|&6+xi?S1`Ma2
zIj&x*ee8*s_gEZC^pTqVI>D^f0ib0%zu#~&o!diZg72{^IAf>`l&+?{((i2&zF|I4
zt=3@%&oSA@>UnCX--Sqa+QJ)cL3O=8S#BD-SKHZnYZc1yS*JwcxF0UTV8;)pZ`Ob3
zdd;fHecM%z|m7$s-a`hy=A79%Gcqq&%(vUrm@LY9R
zDnBYq3MY93_{r$F=z8;=I!7MzA84Npu47cSYI)=HSly=wo-9sgusRDd=g&INN8@}z
zM<13S`jd9L))S}HOqmhgM;cbLJHy8sZJogmlK4cuOgJDwQ+)V|aS(d}{5@$aJR=I@wl*6bUaNFUZo%g!@oQ#Tmtt5iCR_W61Cbc6c`^Hkxc3$+r7x88d7o@kY$O}9+$ZLLE&yKndNp=~Os!~1KB
zhn)F5yEpQvo|(;Z^CC@@XYxqSZu(}2@qPJ|Ly=r(&KYpSx$q;I#QjUP2M3uX17e*m
z{a7ZOX}8}p!{X_UjHj_ONyqpe6apWTF8)z^+<9)BLzyu5bOcPVoItI`sLC6j{f$o3
z(=gX0W2S)Nz^jJ(`MTqHPtsTGQ!Oxfk*ChBzvi<8E@Lv6;XqwV>n)__{o^wwvVwS8
zV-_5PrKjrGoK)?Vnv-geSuVDJy7
z?V_HlhsHF&h*HyV0kUP%WQL$m_vtd*hwh()1_!q?o)B=lR3~xv5c9AYg70W}mf2nv
zWqb2+^%-h!FxK_U8|D!!OKAm81^6!%byv+FJvb
z?LRiM#K^M$FJyJC^9AIjwBw{ALk5f{4?_6hW
z+CbfoyLAtx7nE+Oy)M0z&Wj0;e5rHr!i4Awe*7zhUsRu_yJr91;({s8ou{%3M_2QT
zWiH$1`Buw-!Xj7SA!G9kbJ3_IU<7&2
z#;c?gsUQN6VR+1d?lk-UFxZ+i9FGA3nF1B^pC?|P{tCgr_pV50V+D%OxtvR$2<{6<#f*bd|)0t6V-eH22N_z
zfjP^*`OW088BQ3OzqL}gf#WfR5XFC10`gK}(#07bGeO~n_lIg9h9nxIP|f~bi)^{1
zn;hYfMAC_nE^;+k|32sf(iemMWfE5EJ}2&O(<$!`U*wGMx2<7RX#XylQcNl@;x%K%
z*bK_2!22WaZwjFX
z0{H4*jeg)I3_fI~5Lr~^6`AJS>KpAT&_%}-kbnjv5$;3i4C2y20V4M?ajxoL*ke};
zlEBaqjg8d0(v}}{uAb317ap^NNY_!}CD<{o0>rIzs&|=kIB{$F2Of{@#hz!7oxfw_
z(Jqp|*zYL)K1BaCIct%>OAY>DXPAF`iwd%UaY}WZi7{(K2(eLBp&owU+ae#UWfiZf
zEk8yJ6dFdC;SR<2sZ|`AarRq|3g;K^_nQ9pl5#@Cy?TJAr?2G*!
zY-(x3*V5=1is?k7sT{qJ3}IMy$$T)6X{D(ddcxIjd%C
zI#Snc;ays|Cy^!L_FFFV+1Les`Sk9bC8C-6cmKzknStS?ror%&fQ|vC!54-CGQ?CMfstGW&1{j*!i3)-;EG+fWJ7pj;;W
z7J0nQU}za+?iRyIO%T+uA@J!_%yOSh>`c&4R0eBnDA+3XC$F46iIwd^SDuv=uq-B;
zG4!XeEWF&*oC~X95~*7^GEvD!$Iy8}f>=2;^{?Q{DXSM!D~H
zjcnocfgir$h0XW*-!dilWnG%5tiwZP>VFSfx&HxKNy-dpF7;K&Ix4EXQ1)LubThL|
zGsVG99Bd{6cuZHx`yq@1%Fhf&Q;?C3C&R~gXxmzn1Xfl|@RwMwh;eN;5JxOKIBh_=
z-IeppL@(8_;rgVT)%V0ZIW^y;mDsWl!7^WcLWIbo%$%XB5*~*qD}{;iSV^Yw=Nf}2
zOa82mNC&MIannNeGYTPPKm~=&>I4d$_JGe@;>QEipMima!{P+I
z%=XL0q-R?tnD=&jR7c&VQI3iyn&3TG7I%@cS#*)1ps9UmQfhvP69!zr4i6~TgsByn
zRhJNK5vMdZ#TQgT{yxdTIIi66^xUC@fdgx}p25Ez_J_o(JT6e$6F*7ItTLA%I*2H)
z;O?=dP=dhCJN(bY?M8R2>ejq*;Pg3lsd(m61|5p?0-NJVFB98d;EK|YV}o+faE<)*
zy&N4aBmEzaDLbV8nQx<*kW}EPXNX2CT+2KY#JT`HsZPuZEJz4yaTBLf@TV?DzH@SR
z{MJ&nrTldVxUBiq9V5LZhIOh
zOtWBzrK_-4KAj%vb@&#n)bT_nKg(0bG&t7PTrFwnpH^+C>U8Dc)f-LT(N@g6@8&(I
zx6}?Z=kgr#{-Eu)B@w6Er=h+&EgzqGTKa>q-vmdC$CVwyb+w7o
zfqR*=aAE0!(iyQ08RUm(KG!2Ap`^sdmNdqTKJuN5rIr?RyVW=z8WXw9-cu!(=;-XP
zQPH(LTV1?v(yn1(@ON$1;tV%^oRLx0PN&(fjrG~tUa6hbW;r8wqo#K0+}Gq&d03??
z*C*acB^%S6tX~DX+V%b&Aa{+9uu26h!=0fdCTHet2Mn(-j9xdpROxN%u2|dV`tu#@F0@8k9@thDD4|
zTv(ubjB}W9pdg}wjWYctEW^33qcsYMN_WqUJvFr?S?wBfu6Cj{AYWgXUu8(>DNxO)
zrlh1cnX93yX`y6zF|8M?i(BZdWBpkXBM)w1muJG#6cq3zCkGrX;yf;=J;sa+gzcyo%^
z)^EoxPQ|_^*iUNbc&%pe-f~T&0z|;0!ZNuCuKnVTBmwc;i_DCuvx`mz@EYhi7VeSL
zkJ6M*l_rH9%qM}E@7Zts#qTd9;2=NbYIOYqH*;-<$p$7vh4vefd9#$5NNK7zu7M;m
zR1sy~roQ$sM_P-cRaDJQsCJ@zZzj-ooYUSOni4M^m2Y?05G3(Id7shHTW3lc^el1O
z3@DakT!`QxfP
zBmx|>z=h(_0qCH*s9Afx{nCEzb`*}zXbEcR=;)|cf+Gr3_j7kKRIvu=G@3@XP$zB$
z?$%3Mo*eT%>)ot-Gg>iJ5bG4V*O`puLn8+JOamq=RALt$gF<5n`E0C=t@I5{3(T1?6g6#g`W1kEW>Z*d`uFVE
z%*af*?#tdlQ?glc8Gh4~R@#ZiQ{P(ZQmdhTsCL*S=M`om?+vGxX%%>$4)N14zdUU?}P}`Dl=klQ^is$BmHOWzFF7yJ|>Sp0NQ>V`XVu=4`I^K<~MeikD%l5~RN(
zSYmiQDNBL6-v_K7jQcMG_%Bf<_r1>G-YYprG2wK+PvkXuFX`jvz6dTV4T&-mFmeRU
z1eP>~F}|VkV>=3K$&rC`)xTa|KeMsEos5zLqVEIy$~R{OK}KR
z+}(=1+Z&$yjdAafFF(Q=oMh*0Uu(^|=H9e~`3h){buh(&o|3(-XbdtN%RlnUtA+UG
zFJG)@NdX4ZcUr#?88}YY`9zUa*aH*BKjL)0uNT3(^8lRRFww3jIZAne%=TdWl$+&iYKy*e`hTlF&U3-
zyt#pmg%y867bg6qE#1&kclT#m#u@B;H-;cX_;db?F>##^z#8%v2jQ+KO?-3@)#HSi
zLB;KmN#2U(12^mk-n;`4129utE2B}7ztj}mq(o+F>x0^%by=*e#{j`g1q
zXWUHp`r}Q_CPShNu89?2v|DjKl;1~!!1n3_=&&%!{{gW`9>g+&Ac=C0Cjd(
zNOk<%8l)*nK}wIFU8>5kdP{R=k`+x*RnZ&EXt3f>p(q0`C6bWKxjvLUdPe0Li_(ll
z31)o`t%D>wHO+xf5yj`dW2PuFf43nkdEa1*V|A;&`g=J_u#n8~FUfqr%suH*2FbPA
zHpjLXja7S>Yr%S_b0B_>bg7Oc6Te$=9v+*QXP@`~D(5%Mh`q2{?W7o%n9ssZ8xVN-k}L>A9sdU|Pl~
zQ%jb=#oU9pa9UOSmcmlh9~L;M1l0-?Pn;!T(WyH^&GysvH(|FWSvOBXDcQgFN?n#2DSZ@-D#L4n_;F%&BlEs(1
zn@yjga!T57gn>`-^&ZfCyLLFQGnn|Hrfu>;Vd?ux*PfiLg}X#7E=}fkDwuB4dHwV)
zg@tVzkIx#!X3UiJ?}pU07WTvU{l(pwJ6R?xj|O7YGt_%#1R1iJg*N88F~fzNxZ2MA
z%5Tz7C4i>Oe;T2m4}bO#QmhI|Sg>%}gC%(ty)PZS7|UNA84QefZ3zU>Wx;v>xX&$N
z^?Xy?!U-xdPw;zmdaU)7#beCiayV9*{gB6Pv$#reGaolX%@*nI_Iw-~5k1I{gKM^M
zeKO_Qp~4ehZC^(Ebu%U5kzki1L6V_w6{urDF<~}b)5ptvAi5cwm5@16*%FQi3uCTg
z+!PpFgz2%J?^2+9knLPN!YOr1pR}#-DR=puAzB!?LKLT8-e%H%U1A`%1F=Q=yzx&oOmR>fvf8eeKlmT
zI0ls#U|v-i`g^R8iHj}2x!tpV&|C!1jm$N&PulezgEr~)UbPE!MV*!oR~6rcIdM#4
z9*L0X#9i^5d7`4C
zD6-rBQZBeO(fpQia%K5Wr3e0`9j#R==)O0g)uh!h;X+LR?~g_+0WGC5C(GWaxBEpU
zQZIK`n)g1{IX8iuQT}^oA$%cd^S3EW8~4xS?vZ$Id9^f|anIf-Rsw#GH|r`Kh0;%c
z+Cc`C-3P-ElNoB?VatFQ5VO80t-R9SkI&tl)1{%
zQOWUsT%@lvHg#p_Je$k_H>4$H6spj9T@_*wPrKzXxDtl7Rj>AWAhlC5D&(LM$Q*EG
z2>N7Y*sqokgjc0dbH4h3SlkA<|~9$g{Qr9SlgVH3YoA3nV_C!M6QyFE>s
zg7!EI-67kHH`%;ymaFZ)$nqJUc_#zi$9fW{hRe!=5t=jcTx#@8O6_ZxxWm?J74$m*wYL7OMFn+}u
zwe4O>Noq=J%=nsf6=vq+$jGInG10q>(t^f;MufYH0??st4SWZgp5GOeOxegL>(ha9
zhcGw1L<1o(lX%eV+
z#Zm7*Vt^pS3^d<#uNF@eIE
zppkN!t2s79lUQZXi&(hb8%HkMVH$tanG`P0o;QX|{DUr=j#ub8y01w-F6
zx>ayJX7+lYm8EF!kMhIHJJu6*U=z$8edCjJjSD2iym@dx^qeLKGSM*rzkK1Qi>B+v
zLO7ZUe=7*#-uRfNI4XusT5)?e%b|%*i39occrkq8HE3c5G93OjB
z$dN_g9{RyWLUp^El=1r-HE)fQYotQ}Ba&jM#kz#1@=s
zxRD_Djui^u0kN}00o6%Kj`ykuuWKhmY#uiBEtCqMv5!SyX
zdL3bqRm};OTzm;`_!h@FSVcT;H)R62Dfevw?l*jOdP6S_#y?-4{#(x!MAFu5QB2an
zF&p#vJeIF+nwvrCez%sD&b*?MarIF9G;?14i{`-l`}1?n#cK3w#f%gs7YxS#
zficw%S6KPi`{8oXWoPvD#H>fp3%oKx5(ReC&E$KATkoaXUJEuW%aVgS4k#DhuT7=e
zowSXjgpjHp-m$}lm2vD{2Ay`>X&JLs)7CuT`0eTA)6MT5`@>@%J*6eL?$o7H?<&_b
zyqe^mpK|)+RKaT47EIdpmK7Tn2dS>-77@x8nNKFv3Or9=RBw-oUS3WS;R`qK-V36y
zMj>{!sPI13A4?MjR4+KdPH1RhdeLglv-K6+3Y|9Jnz2cPqr$z5_B->65V*n(?~dF4
zq%_FcA6p@70M0%9A<>^3_~^9yIfB&Rv_)EEI_Z68(Mr!E4`okJZx40iH1@K8+B8Y_
z{MkvuT!#*8@^>-N%10pmVLiow*a_!PMm{S!4AUcuZ0>v#sRk>jk?AzcrlWQF)o3(2
z=qg9iO^+|M6bR5ZCMVpC{+-@yyYzLnyqRu?qw;8B#s$v5Pg^BlU6uMH
zKOo3bKbdl6hXDO6DI06gX1r+aEOW-U`hL$OZTZ^8`I|}($ZvMsesUXFO;CO#80^DG
zmlc7hMN5`xfCg&K`bo^mp#8<@ZxMEMHhTp&qu0EpX+Qh{8)~shhh?Jxn<_jJeWw!p
z{RTNgYT&Gg3tSb&0y^k1vR5?DUbJR0}pe55c?n=Y)$nK_QBRgx^8l%I#n=5>=*
z5|IcY{p&K}$Ew(8Meq7@yc;DsmfhjF-u0Xae=o-t=`Z{A8e2a_|IgRM1~w_l`U~M@
zUXi!^xEA}JEJ@^mlI(~hBLxBkfA~dRuD3cgkG7vCky6P8V391n=IktWPSf-nkMALkD-N_BzJNd{yakY%~|~uM3Tb;m4wKp+T7iHUwd>im<}=buLh5BqB77Mz2y$wlI#w
z+b(|Wfs(0~@YF8UMQIK!ll
z{twy!7oe={>)rkL_<|`u9q47EocvyfdP^c-yMyiB`Ok3vv$niHtz3b&s&b#X7AJ^-
zlFxn^sOF2VXP^4X^9^{(X_n54P>o_{+DU=512@0RYc#*LG{5x@%`IgC@M)U_zigev
zk%H?6G8IuJY^1xm`f77e0y2&41XdBJL0Aec`x;eD8-c$j=8w-s;EUr4y?_aM`XVz(b$K`G~i>~KKDqs;DC~1G;VxFHU_!&N_7HEm*
z=Sm%T=?0|XTAacG_QLm5U5myVm?K^M-9`2nMS=jyMhTxAqlC0VeQ0W{dn0Z!fAUd0
zC5Bza{P~r+3`i~iq+q{s?*94fOoq$%**}0lg_H&_+Os|U;jB3{;rqyEoB3xV#GYU?
z#3jO8G}edM6+Tj_A^2@4&upT;^>MvWTTZdyRDV|?&OI8;U|I+Qlr*#dft~ZYck6&b
zB=)TvkHKW+Z&=NqzrNxbFE2u=8#WCFR&8DPYN&V&n!nO#Yc{!7ulD);3iC|7O#Dnk
z6og_0-E`v98KuGQk27@_Cl-roZbe!uIb|o@AHQ~(uC#U((-CVu+w2Bo#BU?l5&~(Z
zB(qW<<*+5)B=708KOO)An%!j@lynA2XMzg$R^9acMn;C7)=9;KUFq>m0RCqiy*1|F
zo=Jt9KM-+xuO9K!(lNQ+p$R7m^Z-mdL``x)H$Rx`R1g2U?woy%@F(Tu3;Y&U0zrhX
ze$|-@N=k=_#y+d3DvHDQx-}D_*Z7rcaRy$2#`7VoADFaB-0(KDzdajSZ()B$_n4&&
zn{|(KCE%Vh4bF^Yf^b>|jZH8j^W$C%Wsy^L8rPJfUqth!f$POr&732*!H$vV=@TkZ
zSwi9FRVgwT2n;8FcMgWtc5+23Z`b$dVI5hv-Qvk{ROHH?etuK~I_Ni0&*`*bPBO!(
z!f7~QCV=(vteG_P<()M#QDX8D$B{+B#{UxzKAbaj{2JP9D9Hp>6Kz62iyP$VVrO?=o
zG58Gk3GD?1&a6(Et6->hh%qD}In9s0rvQRP*eV!X91i0+Q9-RlYSts<{gAq1I@v+&t7drS-Qs(d-EV1^Iyc$v
z{hT4T?!$g|r@pWjT6?Ok5u!D-2=Y!N*h^1Ow@Gi>nXMZi$!q^C<#}}Z)w^C^vz05a
zTFqfI4I#Oup+ZY*F^!t<;D@yB^17F`CwFelH}5>P_@^{
z-A$ceTg>j2|A}+E+HN8yft{K%v@InjlH0glZ2nd2;)bl7+;(L1JZ*mQgU<6A(<=}6
z1G)O$=t2w$merhe5V_N&fm7s3Qz1Bp+lan!OkOV4wYAnN`}f*h6^XgoZw4iQ=)d5V
zZ4b2KP3+!9^!3`j+S+0A|9H4W&ejtX6V_?)M11s&jNrzKZK5Y^SexD{7>#MGzI2b>
zPDSi8C5StGW`q=>5eOe}l_5Puo%-3;%fX)eO>2=aqRd;W-mT8B*?~LZgC5>?%NFPM
zl?Z-^$7aY+zX%52`Bs{ZwClrTO)I
z37sZI#w&YgnN}l~;(fg{y?D)egAS>TrZFkaUPy`x*KyEQRn}!QyHc~k6L_1utsl%G
z$+V)Rs+!Sw?)X71(pe@7a;R5aP*8dG9r%=;IRrb{2w13m57L79-is+i4;&NcD4sbz
z=sW2RhtjXKhadHIu&{(H4|CQ^N3qdHtoWs0`G|rnv*kE1q|0SFzy?!{gj%rIaM!Ky
z7B5D{25b3vwaLid$jE9NCp}m&c}sn#eHduv_nl65*?TQT7$pv$7PHu`!f}`e%AyQS
zNRaJ#sCd8y9A+gfRg97HJLpigYd6|lgC5Af*Fv3cE6Eh{PFaeUD;#vadYbt=tp|g?
z_TW0v&3yz4q9DNN{cqN?r(W5S63iIYv-}qWyx9wRC0V+K59f@KXBcbPn^dooVXF%sq)-$6S+DAg%>F}hnO%cFZ_!<^AyhMfi2XqhZ0cr
z{s3}jQIEOGoE(Uv&Y;}hOSi2#n>Jnq+a#^zVD>swDWUUTznu%Or92EP)iNV$>!F>+
zgR~$2($I&pmT}5y$lL96(?j{3jw|g-*pJ7ng%dFFFh|IaPAV3`2eO9}QS}ZyHqw|$
zIu6_(zf*uEj=rtm_vAdoKd|r%+7A#HFZpw-i2U#Kz(RtT``-cC16_Gtff=T<99L^)
zrH^0m`+qPvb9G*YY(O)U^YeUeAO?`*X=}KoSL&S?y4b3{66neVw|MR`naphzlaY_m
zLQ_w-{@b`9-Tr-6-7dT6pmO9F9jk|Pu#vLu(b>)!{EqHGg<+FE>Fm|4ps#UW-f)aO
zaR`O-cz(q^)KS`g%L;n+GI4YQR0&Bw4
zT-baEIfj2_93EyEfgN%Hk9At9iF3S1I9|Pp7GmzHW7Ln{%eDiF#?j2iKZ51-z$Z@?
zHSu~=^@MmKQr3~SE1Y-T24P*_w{Uuh4p7H`LX~aXB|Jaoo~PlW`|XL7R5-tHxzto=
z(H}j+_btz+ieyPM^C@&juhr41Kickrz4g?DUUU>ldpuVqI>ZOR`bhJC`uD+i>&ev^
zNzb6hdyGhe_Obte@8KXoA*jsD&+SECcj-H)ccK6HmdxJ||69XXW91`|B5Gcx#1`abyk`+It-s!r8fO?Gv6S6%sA
z1=Z{-@Wn1h^Hc_W|dEZQS}62Cbvd5Zn1(
zS4Zcp22Ri1|4P3$VBiq&y0qM%DlsxL3JVLHgmLhE?pUKFHqSg>phC0>XIa0E-c~(7
z9A9O6weBiMeCGd3asC1J&~H3yURhG=zG})+YJnPR8?$w))E?7C64F8Cl7z?r5mF!v
z+*<*_-{lr}jWW$D=WVELG83#Naut6a-D@Dpz@3zMb#HYL%BpwlPMr1|z_}aSdcGFi
zI*p7ha|)ow0BM>QOzx4#Nl_>0H92o@4JK%Udf*CM-A6mP{%g23z$>z2g90L85I{kI
zLkU*a(TPBW7O{tQ!kI}+zrQv(H+wD7a`m-$8R4lUo)260q}{Qp6Qm23tDOJuU6>)u
zl{;=pK8~M8g7x|(1HdaI${R_>bA;;d)9Zg~yKoa@4KdT&4^f%TUv99l)`1k33O|7`?E7>YEV&YGa
z-T4bLS~;COX$84o+F_NPfq93;|7ybk;m!ajL)l
z;!L)tFK6Q4h|c8N#zOhm02YHAVYo4X$%nT=W)vL?H4(>N=TRSQ6peW
zc0AUWJ`YUkh}uR%Rbq$f9J4a-0Z3=qyGz$0o+5a3QOaf&O$;Hzs&C({)xbDj3-EX+
z|8)CCZQw8ra+A4k?#+Y^(VKSJuzsB)$~uls&Fy!dS5xQlg`*8Qup`U7cdJB5Yz1q}
zQ^uc#9VTp!2o#^~k54Ecqf_~z;6?9c+$H?;t_yk_05{Ecd1rHb7Ii_eea9yGqAO?<
z@msr{5j#U)Gvf2`!`pMaNQP-p$Y+p&`!6EVqDXc6@}dMHU?#XV$f-x_-$6HDYjFEU
zk=SX)kRMy;T@*tigRvT=2{xddH>k;!Q1FO^A|0h7b4R@HLnkDj7hE+RI1n|v&2Pe>
zN5jxNW0_H&?m?#N$pYKF$Kc?oZch?4vm8>Yw1&yKoQ(5A;GA&cAG#Xy`$fOM4YROpYLl~RP4
zlu0LO@|N`Q()oC$DsQ#&M5-CH%4hn!@u`ociVvSonXQa#Px{bXz
zW8GXtVPCT+LecFtn?u373{>bKgn5^-)eYSy+Tl+Biiz(AkM%KngH6R$bX_jRb1K;`
zXLP%{VT~cb*GBr_w!O#|^8$5RQZzD8IbgFj`#plpX*SJ{y}>B|wuC*$;Dr%wnel4P
z77<|;*Qk+hRTs42IQjR_&`QAK`G;dR>S5z74a~W8XHF&)J?GBra920Q(C1N(?;BQn
zMKPHp%_g5KSeMF5UOwe~Ih%*D!oZ&nx7bmw*RudQ>+F7soE#+Zf2
zv2+$<^@lIaecLT|Xpf`c2ukGeeoJwA9(}aCw+&EbsRIl36
zUl?T>`hyytnF@Wly)G)7rs>sfeM8~uGthpTu_Sch*^lA)Gv(I0-LAV)ybC3jaw5*c
zkP_t`4nObkoF9fiF#9OHjd`pm$X_z`e))^NV+H$Ew99?gA3>pi1^v1;2C)P2<`R`j
z!=`22)TgqsPD7e5{=2uRikDQdjD}uT5N7{Z&$wMIhRZ8shxyUEI2ywY%7ru@J35mS
zyUvR*B?P#s21O9QVXn%x1Kol#gI-wF2e%iq!B=o~L0p&WBl4Uxn%wFA!ove06r*r%
z8<%f00P6uj>c*KsABi>_mh$SaU%(hs&ld=~g=%FwrX;4=>*aQlPZC=a(=PX?gOAFp
zpB_`%ZIe@gn`O5NB}qRZRMr#tw*3<+bN_(8lZfPh)M|=i*10$4F4!Kz2OVI9=gm12SU8!xrYXr78!0qLZ{-se{!y4vd5(J_5H|W
zvItJ%*$r(a+9p+%0^z}lF<*~0bXc;zTEu-P&jbsTPVRcMWY5{%&X_^4M@41RyDtZr
z>@OZywfj~<^kr9@*7LgA
zrCD;2z_W;gti)jG4sZ)e&7O@fJ@bqLsmO=4hLlTv7-b#hg`z5f7{mO?e2y8X
z_{YCE)%^<2bJd4IBcC3Fsy05e=Oe&Y$9J&RaV+5+ouQbX%Um)(1^gx3PFc!6H!(vk
z-Bar~`#)Nf1Fbyjm@XyVQK!-VnS##!$U5&ZALym55nRu(
z`lIzNs2F=r*-^GO{j8Gwsad{Wq1Au(yC0PqHe)A}JK|3FW%g5WGiva8b`>};0llr!
z*}9bq0fmXb+K>+*!9FjB*A;Cd3S%Xb4KWa|cXL;2_&YOtL
z*>Fxyr|LZRn|*YcrE#Ba)BMd*W%X}p>C7E$KY)g2-qZfpG_mN;=;qh6%SxkOos-Vc
ziUvrOZrE%0){pkgm=a1v278M|IVtXdN9H_89$Gg-kqIPEg<=e{5>Q+c$!~J$URI><
zm+Z)?!)NN>fyfjHhA>_osQ>AjlZ19fD+1Pxq>-V7c!Dr0v!K)r3|X
z+tY~}ITGE)r0J;QT86-wz@1Q#FB1bFsb*g@5$u^fl&Ssh9w+S(p;Yu$Qgmmn1DZED
ztKzXU4ToU;F+H}JBVE}t3D&;o%|ZQ#it<31`4Tf~l|P}?w8l!Gx$2A4eE8fcP$
zYhvs;oubSzgoSezgvEvaYRbKZnR2M)-Po6@7g`qfj-weS*-ez+z@oIY8DC}pwJrja_uxbWo!2?hTzC{>tMxOq`rg@*qoM-9xQk4^XxN=&jRbiE5S%H>or}-~P0&
zI#aq|z}6&t>Ei8E`dTK2X8}!N4{%k>uQK6~xBVW-X-&GjU^kk|#($%#Wk+l>^FiSH
zLBmiwyH0yWFa+HC!!zQYPAcc+9;&#mD&F^)b`Sg&{ERfH{uP(WE{~Bjn%^7YeTck)
zTjcM$vK@wuu?Yq8aHaNh{yrA(xV`a^RF7Ud>9hd?fdKpr=Ej_!#*MJ#0-ec^L1w}3
zs&Pny1usqcO=xDym4CT{mxM}|o=|KfJ~*S&U}~)x4=;2HxMa4uV!A?ETT#Burt!FN
zNU9|~tO>XrF|`};YUA{-R7bjQ5ISnbW^i)QDzXLPS})hc#hHAh(jK2N9{E5`E2
z#C0V#Jcqtp8@Pk;=0<&n>gK_ewnX1!Jntd6{Z)E#v^f&zUi*?t1i{3$1@yjk4eK(P
z|L7AR^B(j8DIdnssIHEeDMSfAU3&M(C*?wpa9siC9lB%m$xJmDobabl2_%OeN0F~C
zbuJrLN*~8AC@DkbHT|WO%2Ql3x2!@;Sxhxjx-ovqmKJ-=nN=pW;Eg{weK{}|6i-r2
zHRuPI{Kiwkj)$;D8|Pl+-?^@#1G5a1D3yq`KKhE0mQdmr&cH8KAmeC)>L9?+B-oRc
zftsbNfhi8dmI*A?$)vB_^@nRKrD|B5=yq^UJiNfO2@53^+00cu{t-pmD4^ii?+F{q
z5&1aP$-?Qvc$p2o0$pkS5LG`mO^*07<42Ok&q+ymaSeHh(z+kr1jRjFCz?@8evGX)
zfXrfbp_W5jxSIB$O|7gGr;<|l;FXRJKF4oY6dwNu@U
z7(IO+zie@|TgKl0rvm30$ktr#aQ~~nH64lw&CARC_3PKbz(8eXWo&Hh>8YbFn}9%8
zzxP#)9G`}k9yTTkHUZZD5#VEb>}S8iBceCiVW)fgefHJ8TliF%rAJnpwTJ+=f1PSO
zMWT@W?Y&Kdg5dA!h*Kv3}wShOOG*2
z_Ddf$D!!Uk!~F&(eC~xVI$(6pbHz#)Aqqx2ziIc`3<+o|L;!q*<$c1;A;Il7I4V56
znwpxyD6T)oNf3yGIO2HQMMp%ZAr3x%0#UhA3A-d$Ltvope$!ALXZ;|EJVr=^Mq%;q
zJBPPz)$I&7_scr=`eFe6*YbY6#JVFxmzI`bt?Rs5URqiT2M>=3*Sh>b53}CZ-|CZ+
zlKREbMv+Jh@+s-r;Ra9Ug*|)6vWAO11(u5a4pPz4TRk0>4E;u3Q}&_7%FglT{QCN$
zPhB~w{8}QmIuhqovYM{?8erdU-&V$C8poVEliRz!HlFyn0GDZuEo>*Q2WY#wT0?=O|8q+FajNbjg`E-ou&|Jtn10P4mqtRmzU?K;%v?K8Se|15&>_Kvu1ytVhg+n
zv4T3nvYtfD80KZ^ja)6aheQXfcDB(rT19nrwRBBQP%_Sp%cl*4zMku&Yz{l>CX7U+
z+ZKt?CPzy%-e%r0{$H3n+5=-n_O0o4lZ}oYM(dHt!2zz>kD9s+{H1BUN`)RBTH~uX
z&g@tnn#c%tBU_^l;lIw_Y!~3+5eo8`dX3?^@sxnP+poUk6so#B4jJ;p7M(Y1^jFbB
zVd8`T{#iQb#|eEtJv*zatn_H3K*y`!*xVe9q7FQ7v6$6tus0l}la-T^si49lj?$)&
z4+X}(!QHG2GLHKpLW887#M$~yMust#Mmz3fqT@c8HQ`(b-7_+LztV&?ViE$A{T|Bx
z#*7OShn3#z*}F@{D-Io7*a4~jm~{>NXEm2qE8gmSGPL$%471#WS2eACm{gen<9V
zZMUD(z0RA*j#dgqJRF=>EMOJ;-u5;wDXG4u=D)2iP
z&temM)tNyKCiT_oH2G}8m(89Tsqt{Wf4r9t0!7o?WmSG}QzuSR>j`7RP`6W8SJ!X9
zu~!WKEpK--{FdTH*Za{5F+0)P*ORK=VtR>jw!G4?Cq{|Sx*-Uo*_JvvgI79!b{fp#GJvEclf@$Ri{gN|#-3aOt!
zn%C{zY?Nu7A0jH6wf2;>4AXCO0cia6?hKvfZl)WZhVn>ik%5+&SoK!V{`7q?)Ve7=
z`YI8ahO1RC-nLe2GPp#f<*vg?wdT~YzeDgbp!!R-ZMzwVc*r?n>mny2^wZst8p;S%
z{I_P#reduYmBM%dgLsIuO)7G&3yA$9QS|~Hv8wVn-j1GEH__N-Aj*PLx6I+Op!?`*
zsZQ-!4l8zIZ)oD!1W-|VjF%`nSjWoIa-Q`koZ0kJHw-^{uBU9lFO;F1M<%x3>LwHL
zS8CVgaDd?ZeZ@jLDOEZ~I`W~q%DAeyy1I=Gu3J<)mv23FEWg+;JJ6;O-c(>M<%vgAJ?gt=Po_eLu<_EO9hbX)u6|9AOEGZ`L9_By)xb
z2gAaw()iK*C!QYfF4oozX~%V%s;ehPN74Bt+VMq;Cw~UQ0#MY-(S4oo{UM4=bvCou
z>B(5^7pKF83LC$bON2C>`dD0v(j_%+tW0zA!d<{EH~Ka|^F$`$!;_fl^GN}^Z3;2;
zi8FTsDZH+t>hK508|ySjI%=-X8M?)e;VBdqOII;xCLby@gVAMQR`ykb^-QL-N+`ze
zSQHl`&}cZ$Izi%ac=$FQTblrz@
z_4~SvDfDU1(Pk{#3VHDDowYfTMXV-V>3UR%voN6Q+P<9#H!&|S|Ax(eD@;XHrf-EQ
z&q$cB#5f?$r`9r1(?grhE?j1uX?Y``$+e07FqDdgWo&sT5@Hq%8lGZ69m^?e)DYuG
zP5xUT!co4IU?kR79NV_;mPMmNylLPygA0kk0ZpGw0huMuKJ63gET1aXSp}=HRcuLO
zokc+tacMM|{WOWk#0%j@o749cF49VA&6=60yqK+KuTT!FbcW3UoM1=UGBvl~8#%1V
z;75|tb6Gr6&y0L^O1x?1zUaXF?HWhk*=R*1&Av9xqpRFs@b%V2YJ
zbLAJGv^DjfD~0GWp1f!NFJHdUhKiu6kc^*^xT{VNxK#A*ycjK
z8_+)$JD18~U=X)CuA(C%250KbFtA5#4xML}^E-CDfoyGV1@WDz=|U=1_8_$BN0kcM
zNc#)=G8eSmxX3*7)QRW_;^!7XmBB
z0XlaGe!MogmzWnCLW-8JJjK*=1Jm@ar5P&2hur*@Tdy@rB*5Q^Z
zC4b^uU5XMYxQECtvzOX%{&9_suRQ-c`
zO5b)Ut{R)9IAaM)%uzN0`z$j&7N1yVcKjuUaD&)bM)Zysj0OIfv+DH+_7fT(R_JjI
z=$NRVwW^1xPcgffi3judKJe`KZe8&=FgIh4f@#b7jO3O`-rGQA+OZ3H6z}hnD{eaT
zYcj=;$!YF70E!ZR%jo4$nJ~rP+CSyfQLl6S&&xC)T;VrrRCIJE=Kf+jKfqk4-Q_bL
zD07wPO#U;WaKX}}O$1HFS1
zCWlptoaP)Vz7F54X$j@#)IM#I)%oPWU>;iZuy*4h4Lf_+<+o(g4t{CO{L7qj6G_12
zW$&ni=|9~ru|lme^XIBRpEt~cAz>5MZAR}go$w_2+zG9M^sJz5xO{GFG3`-Y6>Zi)
zn*mmqs&@*5EW90u8AbSa)Qo@kE;*a4upa{hnRQ#zvau*^f3JP9ZW{Kg|1pvf7UYAM
zbXoZs4+jftsqf9V2}$*)nkzcdnv~pmG|6mJI^^~BGV)xXxk8*oF*i$@t1=s&J~d_4
z9`*J(zb`-Vk_Oq)i>AX(J4rpE(H@M{9ANAFtJYiCsM7NhyfWt1r=o{R%Xl(%7wF<_
zDe*r@8wue}(l@WLB}kUoDPmZds!u2o;xwv-eC)Xo1XJX%F7a7n*`8F!<`;TPw&u?
zqczYsma%hv+l5W!gU|Rpv#moGb+;D0f+=pcohj48NO7Q8J36h&cs*UgDl#jH>;|Ma
z@GFH_7;THTqJAB8&W2Mj@{w5lDLYl+wW_h=w`NZznYQ6!Qe0hKnv~n#q^F4%u8u@7
zKWF&9g12vJiVrWbG73W6rSB;*o8P<52?Lx}t%vMs$_aGlbz7ZTdUmypyuNu#%Ufyr
z$;sjVR8lAbqrXG(IzAe)@lGNMOSB2A*3Ye08eI0Me(|yw>D9l;TXZXgHU~Fg58AAQ
zIEdMy8Z%7X>$9Jea;Z{X-I&idc{o0x0c5mPVzJ*}!Grn1+k&jA<=*q<1TgXiWP^kk
zaZzsQv9!>b`l8k;w^}$(spv7j2VI~Lns&#>NS_y0JgSN3yQ9~9AsuE;(90U$DP%^5
z$?+CF4ZzlEoC=-mXcq7h9nC_sQf0#J-tk+)cvTFX_keLH;O8
z9Gg~@asq1>ikf%mnLcKd%CpXop;L+?Y!Q}!R&}9VXC+}4xxrdE;O`qDj(0I5=ZR0J
znUAdd`U!AmnO!ze+dh%G9%Wf9GudT7Q?aAeE@A4!p8+`@lCGiJ7?C=m7Boph_j-#WtzLxaHpydVy
z#G1;$$;rvi4(hk@o`De%hy?{ZZv0uFSJkzZ?w0yBW(UM(=cbNRWj$2Cn{mv4I)B2o
zm?;U`6y5!=44>^4dPOKKL+Sqho|>9^W_A`80WM6e%aj!r6}7vo3%1u(ik$zK2KeT0
zmXA
zUbS2R>{qr1>}3gqzyG`N!FmV!?_w?Cf7m}TFc0BBHUvywhw?vi2W$bQfl1^1_bCAw
z(D&cPf3W=P)enXLpQ5CcYF$)vYU#y{0ub>u4gcqD`zPMAb?qV^8mnR#94bTQpZ|Fq
dl4N>!F1TBW9kL37>b({zEiNxsAz~Q#{{S-$C;tEd

literal 0
HcmV?d00001

diff --git a/windows/client-management/introduction-of-page-file.md b/windows/client-management/introduction-of-page-file.md
new file mode 100644
index 0000000000..4f631455ee
--- /dev/null
+++ b/windows/client-management/introduction-of-page-file.md
@@ -0,0 +1,74 @@
+---
+title: Introduction of page file
+description: Learn about the page files in Windows.
+ms.prod: w10
+ms.sitesec: library
+ms.topic: troubleshooting
+author: Deland-Han
+ms.localizationpriority: medium
+ms.author: delhan
+ms.date: 8/22/2019
+ms.reviewer: 
+manager: dcscontentpm
+---
+
+# Introduction of page file
+
+A page file (also known as a "paging file") is an optional, hidden system file on a hard disk.
+
+## Functionality
+
+Page files have the following functionalities:
+
+### Physical extension of RAM
+
+Page files enable the system to remove infrequently accessed modified pages from physical memory to let the system use physical memory more efficiently for more frequently accessed pages.
+
+### Application requirements
+
+Some products or services require a page file for various reasons. For specific information, check the product documentation.
+
+For example, the following Windows servers requires page files:
+
+- Windows Server domain controllers
+
+- DFS Replication (DFS-R) servers
+
+- Certificate servers
+
+- ADAM/LDS servers
+
+This is because the algorithm of the database cache for Extensible Storage Engine (ESENT, or ESE in Microsoft Exchange Server) depends on the "\Memory\Transition Pages RePurposed/sec" performance monitor counter. A page file is required to make sure that the database cache can release memory if other services or applications request memory.
+
+For Windows Server 2012 Hyper-V and Windows Server 2012 R2 Hyper-V, the page file of the management OS (commonly called the host OS) should be left at the default of setting of "System Managed" .
+
+### Support for system crash dumps
+
+Page files can be used to "back" (or support) system crash dumps and extend how much system-committed memory (also known as “virtual memory”) a system can back. 
+
+For more information about system crash dumps, see [system crash dump options](system-failure-recovery-options.md#under-write-debugging-information).
+
+## Page files in Windows with large physical memory
+
+When large physical memory is installed, a page file might not be required to support the system commit charge during peak usage. For example, 64-bit versions of Windows and Windows Server support more physical memory (RAM) than 32-bit versions support. The available physical memory alone might be large enough. 
+
+However, the reason to configure the page file size has not changed. It has always been about supporting a system crash dump, if it is necessary, or extending the system commit limit, if it is necessary. For example, when a lot of physical memory is installed, a page file might not be required to back the system commit charge during peak usage. The available physical memory alone might be large enough to do this. However, a page file or a dedicated dump file might still be required to back a system crash dump.
+
+## System committed memory
+
+Page files extend how much "Committed memory" (also known as "Virtual Memory") is used to store modified data.
+
+The system commit memory limit is the sum of physical memory and all page files combined. It represents the maximum system-committed memory (also known as the "system commit charge") that the system can support.
+
+![Task manager](images/task-manager.png)
+ 
+The system commit charge is the total committed or "promised" memory of all committed virtual memory in the system. If the system commit charge reaches the system commit limit, the system and processes might not get committed memory. This condition can cause freezing, crashing, and other malfunctions. Therefore, make sure that you set the system commit limit high enough to support the system commit charge during peak usage.
+
+![Out of memory](images/out-of-memory.png)
+
+![Task manager](images/task-manager-commit.png)
+
+The system committed charge and system committed limit can be measured on the Performance tab in Task Manager or by using the "\Memory\Committed Bytes" and "\Memory\Commit Limit" performance counters. The \Memory\% Committed Bytes In Use counter is a ratio of  \Memory\Committed Bytes to \Memory\Commit Limit values.
+
+>[!Note]
+>System-managed page files automatically grow up to three times physical memory or 4 GB (whichever is larger) when the system commit charge reaches 90 percent of the system commit limit. This assumes that enough free disk space is available to accommodate the growth.
diff --git a/windows/client-management/system-failure-recovery-options.md b/windows/client-management/system-failure-recovery-options.md
new file mode 100644
index 0000000000..d2164150e4
--- /dev/null
+++ b/windows/client-management/system-failure-recovery-options.md
@@ -0,0 +1,209 @@
+---
+title: Configure system failure and recovery options in Windows
+description: Learn about the system failure and recovery options in Windows.
+ms.prod: w10
+ms.sitesec: library
+ms.topic: troubleshooting
+author: Deland-Han
+ms.localizationpriority: medium
+ms.author: delhan
+ms.date: 8/22/2019
+ms.reviewer: 
+manager: dcscontentpm
+---
+
+# Configure system failure and recovery options in Windows
+
+This article introduces on how to configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or stop error) occurs. You can configure the following actions: 
+
+- Write an event to the System log.
+
+- Alert administrators (if you have set up administrative alerts).
+
+- Put system memory in a file that advanced users can use for debugging.
+
+- Automatically restart the computer.
+
+>[!Note]
+> You must be logged on as an administrator or a member of the Administrators group to complete this procedure. If your computer is connected to a network, network policy settings may prevent you from completing this procedure.
+
+## Configuring System Failure and Recovery Options
+
+> [!IMPORTANT]  
+> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur.
+
+The options are available in the Startup and Recovery. You can also use the following methods:
+
+- Modify the values under the following registry key
+
+  **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl**
+
+- To modify the option on your local computer, use the command-line utility (Wmic.exe) to access Windows Management Instrumentation (WMI).
+
+Follow these steps to view the options in Startup and Recovery. The registry value and wmic commands are also listed for each option:
+
+1. In Control Panel, click System and Security -> System, or click System directly if control panel is viewed by icons.
+
+2. Click Advanced system settings, click the Advanced tab, under Startup and Recovery, and then click Settings.
+
+### Under "System failure"
+
+Click to select the check boxes for the actions that you want Windows to perform when a system error occurs.
+
+#### Write an event to the System log
+
+The option specifies that event information is recorded in the System log. By default, this option is turned on.
+
+To turn off this option, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set WriteToSystemLog = False
+  ```
+
+- Set the **LogEvent** DWORD value to **0**.
+
+#### Send an administrative alert
+
+The option specifies that administrators are notified of the system error if you configured administrative alerts. By default, this option is turned on. 
+
+To turn off this option, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set SendAdminAlert = False
+  ```
+
+- Set the **SendAlert** DWORD value to **0**.
+
+#### Automatically restart
+
+The option specifies that Windows automatically restarts your computer. By default, this option is enabled.
+
+To turn off this option, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set AutoReboot = False
+  ```
+
+- Set the **AutoReboot** DWORD value to **0**.
+
+### Under "Write debugging information"
+
+Select the type of information that you want Windows to record in a memory dump file if the computer stops unexpectedly:
+
+#### (none) 
+
+The option does not record any information in a memory dump file.
+
+To specify that you do not want Windows to record information in a memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set DebugInfoType = 0
+  ```
+- Set the **CrashDumpEnabled** DWORD value to **0**.
+
+#### Small Memory Dump
+
+The option records the smallest amount of information to help identify the problem. This option requires a paging file of at least 2 megabytes (MB) on the boot volume of your computer and specifies that Windows will create a new file each time the system stops unexpectedly. A history of these files is stored in the folder that is listed under Small Dump Directory (%SystemRoot%\Minidump). In Windows XP and Windows Server 2003, the small memory dump file is used with the Windows Error Reporting feature. 
+
+To specify that you want to use a small memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set DebugInfoType = 3
+  ```
+
+- Set the **CrashDumpEnabled** DWORD value to **3**.
+
+To specify that you want to use a folder as your Small Dump Directory, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set MiniDumpDirectory = 
+  ```
+
+- Set the **MinidumpDir** Expandable String Value to \.
+
+#### Kernel Memory Dump
+
+The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the Overwrite any existing file check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer (although the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB; on a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB). The following table contains guidelines for the size of the paging file:
+
+|RAM size	|Paging file should be no smaller than|
+|-------|-----------------|
+|256 MB–1,373 MB	|1.5 times the RAM size|
+|1,374 MB or greater	|32-bit system: 2 GB plus 16 MB 
       64-bit system: size of the RAM plus 128 MB|
+
+To specify that you want to use a kernel memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set DebugInfoType = 2
+  ```
+
+- Set the **CrashDumpEnabled** DWORD value to **2**.
+
+To specify that you want to use a file as your memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set DebugFilePath = 
+  ```
+
+- Set the **DumpFile** Expandable String Value to \.
+
+To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set OverwriteExistingDebugFile = 0
+  ```
+
+- Set the **Overwrite** DWORD value to **0**.
+
+#### Complete Memory Dump
+
+The option records the contents of system memory when the computer stops unexpectedly. This option is not available on computers with 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default.
+
+The extra MB is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information does not require a full MB of space, but Windows sizes your paging file in increments of MBs.
+
+To specify that you want to use a complete memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set DebugInfoType = 1
+  ```
+
+- Set the **CrashDumpEnabled** DWORD value to **1**.
+
+To specify that you want to use a file as your memory dump file, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set DebugFilePath = 
+  ```
+
+- Set the DumpFile Expandable String Value to \.
+
+To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
+
+- ```cmd
+  wmic recoveros set OverwriteExistingDebugFile = 0
+  ```
+
+- Set the **Overwrite** DWORD value to **0**.
+
+>[!Note]
+>If you contact Microsoft Product Support Services about a stop error, you might be asked for the memory dump file that is generated by the Write Debugging Information option. 
+
+To view system failure and recovery settings for your local computer, type `wmic recoveros` at a command prompt, and then press Enter. To view system failure and recovery settings for a remote computer on your local area network, type `wmic /node: recoveros` at a command prompt, and then press Enter. 
+
+>[!Note]
+>To successfully use these Wmic.exe command line examples, you must be logged on by using a user account that has administrative rights on the computer. If you are not logged on by using a user account that has administrative rights on the computer, use the `/user:user_name` and `/password:password` switches.
+
+### Tips
+
+- To take advantage of the dump file feature, your paging file must be on the boot volume. If you have moved the paging file to another volume, you must move it back to the boot volume before you use this feature.
+
+- If you set the Kernel Memory Dump or the
+Complete Memory Dump option, and you select the
+Overwrite any existing file check box, Windows always writes to the same file name. To save individual dump files, click to clear the
+Overwrite any existing file check box, and then change the file name after each stop error.
+
+- You can save some memory if you click to clear the
+Write an event to the system log and Send an administrative alert check boxes. The memory that you save depends on the computer, but these features typically require about 60 to 70 KB.
+
+## Reference
+
+[Varieties of Kernel-Mode Dump Files](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/varieties-of-kernel-mode-dump-files)
diff --git a/windows/client-management/troubleshoot-windows-startup.md b/windows/client-management/troubleshoot-windows-startup.md
index 1dcdb40a64..f7b5450b07 100644
--- a/windows/client-management/troubleshoot-windows-startup.md
+++ b/windows/client-management/troubleshoot-windows-startup.md
@@ -16,6 +16,38 @@ manager: dansimp
 
 In these topics, you will learn how to troubleshoot common problems related to Windows start-up.
 
-- [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md)
-- [Advanced troubleshooting for Stop error or blue screen error](troubleshoot-stop-errors.md)
-- [Advanced troubleshooting for Windows-based computer freeze issues](troubleshoot-windows-freeze.md)
+## How it works
+
+When Microsoft Windows encounters a condition that compromises safe system operation, the system halts. This condition is referred as Windows start-up problems. Furthermore, it is categorized in 3 buckets.
+ 
+- Bug check: It is also commonly referred to as a system crash, a kernel error, or a stop error.
+
+- No Boot: Here the system may not produce a bug check but is unable to boot into Windows.
+
+- Freeze: Also known as System Hang where 
+  
+## Best Practices
+
+To understand the underlaying cause of that lead to Windows start-up issues, it is important that the system is configured properly. Here are some best practices:
+ 
+### Page file settings
+ 
+- [Introduction of page file](introduction-of-page-file.md)
+
+- [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md)
+ 
+### Memory Dump settings
+
+- [Configure system failure and recovery options in Windows](system-failure-recovery-options.md)
+
+- [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md)
+ 
+## Troubleshooting  
+
+These articles will walk you through the resources you need to troubleshoot Windows start-up issue.
+
+- [Advanced troubleshooting for Windows boot problems](https://docs.microsoft.com/en-us/windows/client-management/advanced-troubleshooting-boot-problems)
+
+- [Advanced troubleshooting for Stop error or blue screen error](https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-stop-errors)
+
+- [Advanced troubleshooting for Windows-based computer freeze issues](https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-windows-freeze)

From a302fc19fe303d453f321bd9858819cfdd66f9f3 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:30:27 +0500
Subject: [PATCH 024/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index de9e17504d..ac2e1deec7 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -28,7 +28,7 @@ You can add your own filters using the WFP APIs to block listen to reproduce thi
 
 ***Event Description:***
 
-This event generates every time [Windows Filtering Platform](https://docs.microsoft.com/windows/win32/fwp/windows-filtering-platform-start-page) blocks an application or service from listening on a port for incoming connections.
+This event generates every time the [Windows Filtering Platform](https://docs.microsoft.com/windows/win32/fwp/windows-filtering-platform-start-page) blocks an application or service from listening on a port for incoming connections.
 
 
      
 

From 536bdb57c57dcc8e454b42f496c74e4387750f6a Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:30:39 +0500
Subject: [PATCH 025/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index ac2e1deec7..d64947b8c8 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -86,7 +86,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 
 
--   **Application Name** \[Type = UnicodeString\]**:** full path and the name of the executable for the process.
+-   **Application Name** \[Type = UnicodeString\]**:** Full path and the name of the executable for the process.
 
     Logical disk is displayed in format \\device\\harddiskvolume\#. You can get all local volume numbers by using **diskpart** utility. The command to get volume numbers using diskpart is “**list volume”**:
 

From aa4ff89329b7010aab8557ad071155f3fcb8e7b9 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:31:05 +0500
Subject: [PATCH 026/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index d64947b8c8..a0f9323cf9 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -76,7 +76,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 **Application Information**:
 
--   **Process ID** \[Type = Pointer\]: hexadecimal Process ID of the process which was permitted to bind to the local port. Process ID (PID) is a number used by the operating system to uniquely identify an active process. To see the PID for a specific process you can, for example, use Task Manager (Details tab, PID column):
+-   **Process ID** \[Type = Pointer\]: Hexadecimal Process ID (PID) of the process which was permitted to bind to the local port. The PID is a number used by the operating system to uniquely identify an active process. To see the PID for a specific process you can, for example, use Task Manager (Details tab, PID column):
 
     Task manager illustration
 

From 3b6c2fabda532b60a1b9519a366d3369a86c97ba Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:31:33 +0500
Subject: [PATCH 027/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index a0f9323cf9..f1ecd05750 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -88,7 +88,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 -   **Application Name** \[Type = UnicodeString\]**:** Full path and the name of the executable for the process.
 
-    Logical disk is displayed in format \\device\\harddiskvolume\#. You can get all local volume numbers by using **diskpart** utility. The command to get volume numbers using diskpart is “**list volume”**:
+    Logical disk is displayed in the format \\device\\harddiskvolume\#. You can get all local volume numbers by using the **diskpart** utility. The command to get volume numbers using diskpart is “**list volume**”:
 
 DiskPart illustration
 

From 6a8d130e7781a84046863291ce121f3177cab356 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:31:40 +0500
Subject: [PATCH 028/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index f1ecd05750..edfe11c014 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -94,7 +94,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 **Network Information:**
 
--   **Source Address** \[Type = UnicodeString\]**:** the local IP address of the computer running the application.
+-   **Source Address** \[Type = UnicodeString\]**:** The local IP address of the computer running the application.
 
     -   IPv4 Address
 

From 4718bfeb5ab6d0d849007cd3062ac5273876cb73 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:31:47 +0500
Subject: [PATCH 029/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index edfe11c014..2556cef8e3 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -106,7 +106,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
     -   127.0.0.1 , ::1 - localhost
 
--   **Source Port** \[Type = UnicodeString\]**:** the port number used by the application.
+-   **Source Port** \[Type = UnicodeString\]**:** The port number used by the application.
 
 -   **Protocol** \[Type = UInt32\]: the protocol number being used.
 

From 5fe14b637bd3330cd06a96798b824549f55e3965 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:31:58 +0500
Subject: [PATCH 030/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 2556cef8e3..b0cf801a8d 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -132,7 +132,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 -   **Filter Run-Time ID** \[Type = UInt64\]: unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding by an application, and if this application doesn’t match any filters, you will get value 0 in this field.
 
-    To find specific Windows Filtering Platform filter by ID you need to execute the following command: **netsh wfp show filters**. As a result of this command, **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**)**,** for example:
+    To find a specific Windows Filtering Platform filter by ID, you need to execute the following command: **netsh wfp show filters**. As a result of this command, a **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**), for example:
 
     Filters.xml file illustration
 

From 2ec695456a70137f45002de4b39ee7362fa9807e Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:32:09 +0500
Subject: [PATCH 031/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index b0cf801a8d..5555db94bd 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -138,7 +138,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 -   **Layer Name** \[Type = UnicodeString\]: [Application Layer Enforcement](https://msdn.microsoft.com/library/windows/desktop/aa363971(v=vs.85).aspx) layer name.
 
--   **Layer Run-Time ID** \[Type = UInt64\]: Windows Filtering Platform layer identifier. To find specific Windows Filtering Platform layer ID you need to execute the following command: **netsh wfp show state**. As result of this command **wfpstate.xml** file will be generated. You need to open this file and find specific substring with required layer ID (**<layerId>**)**,** for example:
+-   **Layer Run-Time ID** \[Type = UInt64\]: Windows Filtering Platform layer identifier. To find a specific Windows Filtering Platform layer ID, you need to execute the following command: **netsh wfp show state**. As result of this command, a **wfpstate.xml** file will be generated. You need to open this file and find the specific substring with the required layer ID (**<layerId>**), for example:
 
 Wfpstate xml illustration
 

From 05e46457a066ebbbe61c7cd807fa191bc40825e2 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:32:19 +0500
Subject: [PATCH 032/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 5555db94bd..210c9bf842 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -130,7 +130,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
 **Filter Information:**
 
--   **Filter Run-Time ID** \[Type = UInt64\]: unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding by an application, and if this application doesn’t match any filters, you will get value 0 in this field.
+-   **Filter Run-Time ID** \[Type = UInt64\]: A unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding to an application, and if this application doesn’t match any filters, you will get a 0 value in this field.
 
     To find a specific Windows Filtering Platform filter by ID, you need to execute the following command: **netsh wfp show filters**. As a result of this command, a **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**), for example:
 

From 107f34dc380cde2f449a67e2bea9ad56acc64861 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:32:42 +0500
Subject: [PATCH 033/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 210c9bf842..4b62fee658 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -33,7 +33,7 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
 
      
 
 ***Event XML:***
-```
+```xml
 
     

From 27117649bb918b4995980a0398723907ae9702a9 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:32:56 +0500
Subject: [PATCH 034/113] Update
 windows/security/threat-protection/auditing/event-5155.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 windows/security/threat-protection/auditing/event-5155.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md
index 4b62fee658..9964b6f390 100644
--- a/windows/security/threat-protection/auditing/event-5155.md
+++ b/windows/security/threat-protection/auditing/event-5155.md
@@ -63,7 +63,6 @@ This event generates every time the [Windows Filtering Platform](https://docs.mi
         40
     
 
-
 ```
 
 ***Required Server Roles:*** None.

From 302d4d221462d1cf4b78a5c1142fcc4ae7f50cfd Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Wed, 28 Aug 2019 15:38:05 +0500
Subject: [PATCH 035/113] Update kiosk-mdm-bridge.md

---
 windows/configuration/kiosk-mdm-bridge.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/configuration/kiosk-mdm-bridge.md b/windows/configuration/kiosk-mdm-bridge.md
index b08ebebd2c..51eeccc08b 100644
--- a/windows/configuration/kiosk-mdm-bridge.md
+++ b/windows/configuration/kiosk-mdm-bridge.md
@@ -35,7 +35,8 @@ Here’s an example to set AssignedAccess configuration:
 $nameSpaceName="root\cimv2\mdm\dmmap"
 $className="MDM_AssignedAccess"
 $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className
-$obj.Configuration = @"
+Add-Type -AssemblyName System.Web
+$obj.Configuration = [System.Web.HttpUtility]::HtmlEncode(@"
 
 
   
@@ -84,7 +85,7 @@ $obj.Configuration = @"
     
   
 
-"@
+"@)
 
 Set-CimInstance -CimInstance $obj
 ```

From 7a2a5eeff620fc4182d49216028d688757f7b9b4 Mon Sep 17 00:00:00 2001
From: illfated 
Date: Thu, 29 Aug 2019 00:13:45 +0200
Subject: [PATCH 036/113] Windows Update resources: add MD code block

Description:

The list of manual regsvr32.exe commands becomes translated in other
languages, to the extent that extra words appear among the commands.
This is an attempt to mitigate this behavior in the machine translation,
by adding a MarkDown code block around the list of commands.

Proposed changes:
- Add MD code block around the long list of regsvr32.exe commands
- Remove blank space characters at the end of each line (cosmetic)

issue ticket reference or closure:
Ref. #4800 (Spanish "translation" of commands)
Ref. #3569, #3570, #3571, #3572, #3574, #3575
( [LOC] Back-Translation "regsvr32.exe [...]" )
---
 .../update/windows-update-resources.md        | 182 +++++++++---------
 1 file changed, 93 insertions(+), 89 deletions(-)

diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md
index c98b9d29d0..41f09d00f0 100644
--- a/windows/deployment/update/windows-update-resources.md
+++ b/windows/deployment/update/windows-update-resources.md
@@ -1,14 +1,14 @@
 ---
-title: Windows Update - Additional resources 
+title: Windows Update - Additional resources
 description: Additional resources for Windows Update
 ms.prod: w10
-ms.mktglfcycl: 
+ms.mktglfcycl:
 ms.sitesec: library
 audience: itpro
author: greg-lindsay
 ms.localizationpriority: medium
 ms.audience: itpro
author: greg-lindsay
 ms.date: 09/18/2018
-ms.reviewer: 
+ms.reviewer:
 manager: laurawi
 ms.topic: article
 ---
@@ -19,106 +19,110 @@ ms.topic: article
 
 The following resources provide additional information about using Windows Update.
 
-## WSUS Troubleshooting 
- 
-[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/) 
- 
-[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/) 
- 
-[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/) 
- 
-[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/) 
- 
- 
-## How do I reset Windows Update components? 
- 
-[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data.  
+## WSUS Troubleshooting
 
- 
-[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update. 
- 
- 
-## Reset Windows Update components manually 
-1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER: 
+[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/)
+
+[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/)
+
+[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/)
+
+[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/)
+
+
+## How do I reset Windows Update components?
+
+[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data.
+
+
+[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update.
+
+
+## Reset Windows Update components manually
+1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER:
    ```
    cmd
-   ```  
-2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.  
    ```
-   net stop bits  
-   net stop wuauserv 
+2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
    ```
-3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER:  
+   net stop bits
+   net stop wuauserv
    ```
-   Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat" 
+3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER:
    ```
-4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above.  
-   1. Rename the following folders to *.BAK:  
-      - %systemroot%\SoftwareDistribution\DataStore  
-      - %systemroot%\SoftwareDistribution\Download  
-      - %systemroot%\system32\catroot2 
-      
-      To do this, type the following commands at a command prompt. Press ENTER after you type each command.  
-      - Ren %systemroot%\SoftwareDistribution\DataStore *.bak  
-      - Ren %systemroot%\SoftwareDistribution\Download *.bak  
-      - Ren %systemroot%\system32\catroot2 *.bak 
-   2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.  
-      - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)  
-      - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) 
-5. Type the following command at a command prompt, and then press ENTER:  
+   Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
    ```
-   cd /d %windir%\system32 
+4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above.
+   1. Rename the following folders to *.BAK:
+      - %systemroot%\SoftwareDistribution\DataStore
+      - %systemroot%\SoftwareDistribution\Download
+      - %systemroot%\system32\catroot2
+
+      To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+      - Ren %systemroot%\SoftwareDistribution\DataStore *.bak
+      - Ren %systemroot%\SoftwareDistribution\Download *.bak
+      - Ren %systemroot%\system32\catroot2 *.bak
+   2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+      - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+      - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+5. Type the following command at a command prompt, and then press ENTER:
    ```
-6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command.  
-   - regsvr32.exe atl.dll  
-   - regsvr32.exe urlmon.dll  
-   - regsvr32.exe mshtml.dll  
-   - regsvr32.exe shdocvw.dll  
-   - regsvr32.exe browseui.dll  
-   - regsvr32.exe jscript.dll  
-   - regsvr32.exe vbscript.dll  
-   - regsvr32.exe scrrun.dll  
-   - regsvr32.exe msxml.dll  
-   - regsvr32.exe msxml3.dll  
-   - regsvr32.exe msxml6.dll  
-   - regsvr32.exe actxprxy.dll  
-   - regsvr32.exe softpub.dll  
-   - regsvr32.exe wintrust.dll  
-   - regsvr32.exe dssenh.dll  
-   - regsvr32.exe rsaenh.dll  
-   - regsvr32.exe gpkcsp.dll  
-   - regsvr32.exe sccbase.dll  
-   - regsvr32.exe slbcsp.dll  
-   - regsvr32.exe cryptdlg.dll  
-   - regsvr32.exe oleaut32.dll  
-   - regsvr32.exe ole32.dll  
-   - regsvr32.exe shell32.dll  
-   - regsvr32.exe initpki.dll  
-   - regsvr32.exe wuapi.dll  
-   - regsvr32.exe wuaueng.dll  
-   - regsvr32.exe wuaueng1.dll  
-   - regsvr32.exe wucltui.dll  
-   - regsvr32.exe wups.dll  
-   - regsvr32.exe wups2.dll  
-   - regsvr32.exe wuweb.dll  
-   - regsvr32.exe qmgr.dll  
-   - regsvr32.exe qmgrprxy.dll  
-   - regsvr32.exe wucltux.dll  
-   - regsvr32.exe muweb.dll  
-   - regsvr32.exe wuwebv.dll 
-7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER:  
+   cd /d %windir%\system32
    ```
-   netsh winsock reset 
+6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+
    ```
-8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER:  
+   regsvr32.exe atl.dll
+   regsvr32.exe urlmon.dll
+   regsvr32.exe mshtml.dll
+   regsvr32.exe shdocvw.dll
+   regsvr32.exe browseui.dll
+   regsvr32.exe jscript.dll
+   regsvr32.exe vbscript.dll
+   regsvr32.exe scrrun.dll
+   regsvr32.exe msxml.dll
+   regsvr32.exe msxml3.dll
+   regsvr32.exe msxml6.dll
+   regsvr32.exe actxprxy.dll
+   regsvr32.exe softpub.dll
+   regsvr32.exe wintrust.dll
+   regsvr32.exe dssenh.dll
+   regsvr32.exe rsaenh.dll
+   regsvr32.exe gpkcsp.dll
+   regsvr32.exe sccbase.dll
+   regsvr32.exe slbcsp.dll
+   regsvr32.exe cryptdlg.dll
+   regsvr32.exe oleaut32.dll
+   regsvr32.exe ole32.dll
+   regsvr32.exe shell32.dll
+   regsvr32.exe initpki.dll
+   regsvr32.exe wuapi.dll
+   regsvr32.exe wuaueng.dll
+   regsvr32.exe wuaueng1.dll
+   regsvr32.exe wucltui.dll
+   regsvr32.exe wups.dll
+   regsvr32.exe wups2.dll
+   regsvr32.exe wuweb.dll
+   regsvr32.exe qmgr.dll
+   regsvr32.exe qmgrprxy.dll
+   regsvr32.exe wucltux.dll
+   regsvr32.exe muweb.dll
+   regsvr32.exe wuwebv.dll
    ```
-   proxycfg.exe -d 
+
+7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER:
    ```
-9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.  
+   netsh winsock reset
    ```
-   net start bits  
-   
-   net start wuauserv 
+8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER:
+   ```
+   proxycfg.exe -d
+   ```
+9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+   ```
+   net start bits
+
+   net start wuauserv
    ```
 10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER:
     ```

From 797836ac440925e8ba5f7bd25b54f4d71e4598fb Mon Sep 17 00:00:00 2001
From: illfated 
Date: Thu, 29 Aug 2019 00:28:11 +0200
Subject: [PATCH 037/113] MetaData update: convert ^M (2x) to NewLine

- replaced Ctrl-M character with NewLine in MetaData
---
 .../update/windows-update-resources.md        | 262 +++++++++---------
 1 file changed, 132 insertions(+), 130 deletions(-)

diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md
index 41f09d00f0..ead5fd7aaf 100644
--- a/windows/deployment/update/windows-update-resources.md
+++ b/windows/deployment/update/windows-update-resources.md
@@ -1,130 +1,132 @@
----
-title: Windows Update - Additional resources
-description: Additional resources for Windows Update
-ms.prod: w10
-ms.mktglfcycl:
-ms.sitesec: library
-audience: itpro
author: greg-lindsay
-ms.localizationpriority: medium
-ms.audience: itpro
author: greg-lindsay
-ms.date: 09/18/2018
-ms.reviewer:
-manager: laurawi
-ms.topic: article
----
-
-# Windows Update - additional resources
-
->Applies to: Windows 10
-
-The following resources provide additional information about using Windows Update.
-
-## WSUS Troubleshooting
-
-[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/)
-
-[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/)
-
-[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/)
-
-[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/)
-
-
-## How do I reset Windows Update components?
-
-[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data.
-
-
-[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update.
-
-
-## Reset Windows Update components manually
-1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER:
-   ```
-   cmd
-   ```
-2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
-   ```
-   net stop bits
-   net stop wuauserv
-   ```
-3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER:
-   ```
-   Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
-   ```
-4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above.
-   1. Rename the following folders to *.BAK:
-      - %systemroot%\SoftwareDistribution\DataStore
-      - %systemroot%\SoftwareDistribution\Download
-      - %systemroot%\system32\catroot2
-
-      To do this, type the following commands at a command prompt. Press ENTER after you type each command.
-      - Ren %systemroot%\SoftwareDistribution\DataStore *.bak
-      - Ren %systemroot%\SoftwareDistribution\Download *.bak
-      - Ren %systemroot%\system32\catroot2 *.bak
-   2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
-      - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
-      - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
-5. Type the following command at a command prompt, and then press ENTER:
-   ```
-   cd /d %windir%\system32
-   ```
-6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
-
-   ```
-   regsvr32.exe atl.dll
-   regsvr32.exe urlmon.dll
-   regsvr32.exe mshtml.dll
-   regsvr32.exe shdocvw.dll
-   regsvr32.exe browseui.dll
-   regsvr32.exe jscript.dll
-   regsvr32.exe vbscript.dll
-   regsvr32.exe scrrun.dll
-   regsvr32.exe msxml.dll
-   regsvr32.exe msxml3.dll
-   regsvr32.exe msxml6.dll
-   regsvr32.exe actxprxy.dll
-   regsvr32.exe softpub.dll
-   regsvr32.exe wintrust.dll
-   regsvr32.exe dssenh.dll
-   regsvr32.exe rsaenh.dll
-   regsvr32.exe gpkcsp.dll
-   regsvr32.exe sccbase.dll
-   regsvr32.exe slbcsp.dll
-   regsvr32.exe cryptdlg.dll
-   regsvr32.exe oleaut32.dll
-   regsvr32.exe ole32.dll
-   regsvr32.exe shell32.dll
-   regsvr32.exe initpki.dll
-   regsvr32.exe wuapi.dll
-   regsvr32.exe wuaueng.dll
-   regsvr32.exe wuaueng1.dll
-   regsvr32.exe wucltui.dll
-   regsvr32.exe wups.dll
-   regsvr32.exe wups2.dll
-   regsvr32.exe wuweb.dll
-   regsvr32.exe qmgr.dll
-   regsvr32.exe qmgrprxy.dll
-   regsvr32.exe wucltux.dll
-   regsvr32.exe muweb.dll
-   regsvr32.exe wuwebv.dll
-   ```
-
-7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER:
-   ```
-   netsh winsock reset
-   ```
-8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER:
-   ```
-   proxycfg.exe -d
-   ```
-9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
-   ```
-   net start bits
-
-   net start wuauserv
-   ```
-10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER:
-    ```
-    bitsadmin.exe /reset /allusers
-    ```
+---
+title: Windows Update - Additional resources
+description: Additional resources for Windows Update
+ms.prod: w10
+ms.mktglfcycl:
+ms.sitesec: library
+audience: itpro
+author: greg-lindsay
+ms.localizationpriority: medium
+ms.audience: itpro
+author: greg-lindsay
+ms.date: 09/18/2018
+ms.reviewer:
+manager: laurawi
+ms.topic: article
+---
+
+# Windows Update - additional resources
+
+>Applies to: Windows 10
+
+The following resources provide additional information about using Windows Update.
+
+## WSUS Troubleshooting
+
+[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/)
+
+[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/)
+
+[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/)
+
+[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/)
+
+
+## How do I reset Windows Update components?
+
+[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data.
+
+
+[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update.
+
+
+## Reset Windows Update components manually
+1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER:
+   ```
+   cmd
+   ```
+2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+   ```
+   net stop bits
+   net stop wuauserv
+   ```
+3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER:
+   ```
+   Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat"
+   ```
+4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above.
+   1. Rename the following folders to *.BAK:
+      - %systemroot%\SoftwareDistribution\DataStore
+      - %systemroot%\SoftwareDistribution\Download
+      - %systemroot%\system32\catroot2
+
+      To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+      - Ren %systemroot%\SoftwareDistribution\DataStore *.bak
+      - Ren %systemroot%\SoftwareDistribution\Download *.bak
+      - Ren %systemroot%\system32\catroot2 *.bak
+   2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+      - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+      - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
+5. Type the following command at a command prompt, and then press ENTER:
+   ```
+   cd /d %windir%\system32
+   ```
+6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+
+   ```
+   regsvr32.exe atl.dll
+   regsvr32.exe urlmon.dll
+   regsvr32.exe mshtml.dll
+   regsvr32.exe shdocvw.dll
+   regsvr32.exe browseui.dll
+   regsvr32.exe jscript.dll
+   regsvr32.exe vbscript.dll
+   regsvr32.exe scrrun.dll
+   regsvr32.exe msxml.dll
+   regsvr32.exe msxml3.dll
+   regsvr32.exe msxml6.dll
+   regsvr32.exe actxprxy.dll
+   regsvr32.exe softpub.dll
+   regsvr32.exe wintrust.dll
+   regsvr32.exe dssenh.dll
+   regsvr32.exe rsaenh.dll
+   regsvr32.exe gpkcsp.dll
+   regsvr32.exe sccbase.dll
+   regsvr32.exe slbcsp.dll
+   regsvr32.exe cryptdlg.dll
+   regsvr32.exe oleaut32.dll
+   regsvr32.exe ole32.dll
+   regsvr32.exe shell32.dll
+   regsvr32.exe initpki.dll
+   regsvr32.exe wuapi.dll
+   regsvr32.exe wuaueng.dll
+   regsvr32.exe wuaueng1.dll
+   regsvr32.exe wucltui.dll
+   regsvr32.exe wups.dll
+   regsvr32.exe wups2.dll
+   regsvr32.exe wuweb.dll
+   regsvr32.exe qmgr.dll
+   regsvr32.exe qmgrprxy.dll
+   regsvr32.exe wucltux.dll
+   regsvr32.exe muweb.dll
+   regsvr32.exe wuwebv.dll
+   ```
+
+7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER:
+   ```
+   netsh winsock reset
+   ```
+8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER:
+   ```
+   proxycfg.exe -d
+   ```
+9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command.
+   ```
+   net start bits
+
+   net start wuauserv
+   ```
+10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER:
+    ```
+    bitsadmin.exe /reset /allusers
+    ```

From f91790a094e6708e5ce8c045c30420e512491791 Mon Sep 17 00:00:00 2001
From: Orlando Rodriguez <49177883+ojrb@users.noreply.github.com>
Date: Wed, 28 Aug 2019 19:39:49 -0500
Subject: [PATCH 038/113] Update
 mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 ...nd-alone-and-configuration-manager-integration-topologies.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
index 368088283f..885442c581 100644
--- a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
+++ b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
@@ -274,7 +274,7 @@ The following table lists the installation prerequisites for the MBAM Administra
 
    • WCF Activation
      
 
        
 
      • HTTP Activation
        • 
-
      • Non-HTTP Activation (Only for Windows Server 2008, 2012 or 2012 R2)
        
+
      • Non-HTTP Activation (Only for Windows Server 2008, 2012, and 2012 R2)
        
 
        • 
 
      • 
 
    • TCP Activation
      • 

From 56160d7434b933a4df00f7001bda3ad95b88cf46 Mon Sep 17 00:00:00 2001
From: Deland-Han 
Date: Thu, 29 Aug 2019 17:10:55 +0800
Subject: [PATCH 039/113] comment

---
 windows/client-management/TOC.md                          | 2 +-
 windows/client-management/introduction-of-page-file.md    | 4 ++--
 windows/client-management/troubleshoot-windows-startup.md | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/client-management/TOC.md b/windows/client-management/TOC.md
index d3ba01eed3..c998cd5263 100644
--- a/windows/client-management/TOC.md
+++ b/windows/client-management/TOC.md
@@ -24,7 +24,7 @@
 ### [Advanced troubleshooting for Windows startup](troubleshoot-windows-startup.md)
 #### [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md)
 #### [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md)
-#### [Introduction of page file](introduction-of-page-file.md)
+#### [Introduction to the page file](introduction-of-page-file.md)
 #### [Configure system failure and recovery options in Windows](system-failure-recovery-options.md)
 #### [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md)
 #### [Advanced troubleshooting for Windows-based computer freeze](troubleshoot-windows-freeze.md)
diff --git a/windows/client-management/introduction-of-page-file.md b/windows/client-management/introduction-of-page-file.md
index 4f631455ee..ebab8b0352 100644
--- a/windows/client-management/introduction-of-page-file.md
+++ b/windows/client-management/introduction-of-page-file.md
@@ -1,5 +1,5 @@
 ---
-title: Introduction of page file
+title: Introduction to the page file
 description: Learn about the page files in Windows.
 ms.prod: w10
 ms.sitesec: library
@@ -12,7 +12,7 @@ ms.reviewer:
 manager: dcscontentpm
 ---
 
-# Introduction of page file
+# Introduction to the page file
 
 A page file (also known as a "paging file") is an optional, hidden system file on a hard disk.
 
diff --git a/windows/client-management/troubleshoot-windows-startup.md b/windows/client-management/troubleshoot-windows-startup.md
index f7b5450b07..604a4e0c3a 100644
--- a/windows/client-management/troubleshoot-windows-startup.md
+++ b/windows/client-management/troubleshoot-windows-startup.md
@@ -32,7 +32,7 @@ To understand the underlaying cause of that lead to Windows start-up issues, it
  
 ### Page file settings
  
-- [Introduction of page file](introduction-of-page-file.md)
+- [Introduction to the page file](introduction-of-page-file.md)
 
 - [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md)
  

From add36a705e5efffe6de1665e31ac5ecf834baebf Mon Sep 17 00:00:00 2001
From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com>
Date: Thu, 29 Aug 2019 11:44:20 +0100
Subject: [PATCH 040/113] Clarify the registry key needed to set tags

---
 .../threat-protection/microsoft-defender-atp/machine-tags.md   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
index 6dff3ffaae..c9543f40e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
@@ -67,7 +67,8 @@ Machines with similar tags can be handy when you need to apply contextual action
 Use the following registry key entry to add a tag on a machine:
 
 - Registry key: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection\DeviceTagging\`
-- Registry key value (string): Group
+- Registry key name: `Group`
+- Registry key value (REG_SZ): `Name of the tag you want to set`
 
 >[!NOTE]
 >The device tag is part of the machine information report that's generated once a day. As an alternative, you may choose to restart the endpoint that would transfer a new machine information report.

From 5cfda3f8607ddddea59d3a14531b38b17c341f50 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Thu, 29 Aug 2019 11:35:07 -0700
Subject: [PATCH 041/113] CAT Auto Pulish for Windows Release Messages -
 20190829112356 (#1007)

* Update deploy-the-latest-firmware-and-drivers-for-surface-devices.md

* add table

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829102107 (#1006)
---
 ...irmware-and-drivers-for-surface-devices.md |  2 +-
 .../status-windows-10-1903.yml                | 20 +++++++++----------
 .../windows-message-center.yml                |  1 +
 .../respond-file-alerts.md                    | 12 +++++++++++
 4 files changed, 24 insertions(+), 11 deletions(-)

diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
index 4bad708b64..94094f2b60 100644
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
@@ -11,7 +11,7 @@ ms.mktglfcycl: deploy
 ms.pagetype: surface, devices
 ms.sitesec: library
 author: dansimp
-ms.date: 08/13/2018
+ms.date: 08/13/2019
 ms.author: dansimp
 ms.topic: article
 ---
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml
index f2377ee4cf..ceed17f7b4 100644
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@@ -65,18 +65,18 @@ sections:
   - type: markdown
     text: "
      This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

      
       
-      
-      
+      
+      
-      
+      
-      
-      
+      
+      
@@ -95,7 +95,7 @@ sections:
   - type: markdown
     text: "
       
      SummaryOriginating updateStatusLast updated
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

      See details >      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Investigating
      		August 20, 2019 
      11:06 AM PT
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Investigating
      		August 17, 2019 
      01:49 PM PT
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

      See details >      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Investigating
      KB4512941      		August 20, 2019 
      11:06 AM PT
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Investigating
      KB4512941      		August 17, 2019 
      01:49 PM PT
      
       
      Updates may fail to install and you may receive Error 0x80073701
      Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		August 16, 2019 
      04:28 PM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		August 13, 2019 
      06:59 PM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		August 13, 2019 
      06:59 PM PT
      
       
      MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
      You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved External
      		August 09, 2019 
      07:03 PM PT
      
       
      Issues updating when certain versions of Intel storage drivers are installed
      Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Mitigated External
      		August 09, 2019 
      07:03 PM PT
      
       
      Intermittent loss of Wi-Fi connectivity
      Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. 

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated External
      		August 01, 2019 
      08:44 PM PT
      
       
      Gamma ramps, color profiles, and night light settings do not apply in some cases
      Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		August 01, 2019 
      06:27 PM PT
      
       
      Display brightness may not respond to adjustments
      Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      KB4505903      		July 26, 2019 
      02:00 PM PT
      
       
      The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
      Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		July 16, 2019 
      09:04 AM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Mitigated
      		July 10, 2019 
      07:09 PM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Mitigated
      KB4512941      		July 10, 2019 
      07:09 PM PT
      
       
      Unable to discover or connect to Bluetooth devices
      Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		May 21, 2019 
      04:48 PM PT
      
       
      Intel Audio displays an intcdaud.sys notification
      Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.  

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		May 21, 2019 
      04:47 PM PT
      
       
      Cannot launch Camera app 
      Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		May 21, 2019 
      04:47 PM PT
      
-      
+      
      DetailsOriginating updateStatusHistory
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Next steps: Microsoft is working on a resolution and estimates a solution will be available late August. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive the update once it is released.

      Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

      Back to top      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Investigating
      		Last updated:
      August 17, 2019 
      01:49 PM PT

      Opened:
      August 14, 2019 
      03:34 PM PT
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Next steps: Microsoft is working on a resolution and estimates a solution will be available late August. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive the update once it is released.

      Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

      Back to top      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Investigating
      KB4512941      		Last updated:
      August 17, 2019 
      01:49 PM PT

      Opened:
      August 14, 2019 
      03:34 PM PT
      
       
      Updates may fail to install and you may receive Error 0x80073701
      Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		Last updated:
      August 16, 2019 
      04:28 PM PT

      Opened:
      August 16, 2019 
      01:41 PM PT
      
       
      MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
      You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved External
      		Last updated:
      August 09, 2019 
      07:03 PM PT

      Opened:
      August 09, 2019 
      04:25 PM PT
      
       
      
@@ -107,11 +107,11 @@ sections:
     text: "
       
+

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
      Next steps: At this time, we suggest that devices in an affected environment do not install KB4497935. We are working on a resolution and estimate a solution will be available in late August.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Back to top
-      
-      
+      
+      
      DetailsOriginating updateStatusHistory
      
       
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

      To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

      Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
      HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
      Next steps: At this time, we suggest that devices in an affected environment do not install KB4497935. We are working on a resolution and estimate a solution will be available in late August.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		Last updated:
      August 13, 2019 
      06:59 PM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		Last updated:
      August 13, 2019 
      06:59 PM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      
       
      Issues updating when certain versions of Intel storage drivers are installed
      Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

      To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

      Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Workaround: To mitigate this issue before the resolution is released, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

      Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

      Next Steps: We are working on a resolution and estimate a solution will be available in late August.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Mitigated External
      		Last updated:
      August 09, 2019 
      07:03 PM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      
       
      The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
      Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.

      To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		Last updated:
      July 16, 2019 
      09:04 AM PT

      Opened:
      July 12, 2019 
      04:20 PM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Next steps: We are working on a resolution that will be made available in upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		Last updated:
      July 12, 2019 
      04:42 PM PT

      Opened:
      July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

      Affected platforms:
      • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
      Workaround: 
      To mitigate this issue on an SCCM server:
      1. Verify Variable Window Extension is enabled.
      2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
      Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

      To mitigate this issue on a WDS server without SCCM:
      1. In WDS TFTP settings, verify Variable Window Extension is enabled.
      2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
      3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
      Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Mitigated
      		Last updated:
      July 10, 2019 
      07:09 PM PT

      Opened:
      July 10, 2019 
      02:51 PM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Next steps: We are working on a resolution that will be made available in upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		Last updated:
      July 12, 2019 
      04:42 PM PT

      Opened:
      July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

      Affected platforms:
      • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
      Workaround: 
      To mitigate this issue on an SCCM server:
      1. Verify Variable Window Extension is enabled.
      2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
      Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

      To mitigate this issue on a WDS server without SCCM:
      1. In WDS TFTP settings, verify Variable Window Extension is enabled.
      2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
      3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
      Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Mitigated
      KB4512941      		Last updated:
      July 10, 2019 
      07:09 PM PT

      Opened:
      July 10, 2019 
      02:51 PM PT
      
       
      
       "
 
@@ -120,7 +120,7 @@ sections:
   - type: markdown
     text: "
       
-      
+      
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index 0ff0106922..a69de08f66 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       
      DetailsOriginating updateStatusHistory
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

      Affected platforms:
      • Client: Windows 10, version 1903
      Next steps: We are working on a resolution and estimates a solution will be available in late August.

      Back to top      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Investigating
      		Last updated:
      August 20, 2019 
      11:06 AM PT

      Opened:
      May 24, 2019 
      04:20 PM PT
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

      Affected platforms:
      • Client: Windows 10, version 1903
      Next steps: We are working on a resolution and estimates a solution will be available in late August.

      Back to top      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Investigating
      KB4512941      		Last updated:
      August 20, 2019 
      11:06 AM PT

      Opened:
      May 24, 2019 
      04:20 PM PT
      
       
      Intermittent loss of Wi-Fi connectivity
      Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

      To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

      Affected platforms:
      • Client: Windows 10, version 1903
      Workaround: Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).
       
      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated External
      		Last updated:
      August 01, 2019 
      08:44 PM PT

      Opened:
      May 21, 2019 
      07:13 AM PT
      
       
      Gamma ramps, color profiles, and night light settings do not apply in some cases
      Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

      Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
      • Connecting to (or disconnecting from) an external monitor, dock, or projector
      • Rotating the screen
      • Updating display drivers or making other display mode changes
      • Closing full screen applications
      • Applying custom color profiles
      • Running applications that rely on custom gamma ramps
      Affected platforms:
      • Client: Windows 10, version 1903
      Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		Last updated:
      August 01, 2019 
      06:27 PM PT

      Opened:
      May 21, 2019 
      07:28 AM PT
      
       
      Display brightness may not respond to adjustments
      Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

      To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      KB4505903      		Resolved:
      July 26, 2019 
      02:00 PM PT

      Opened:
      May 21, 2019 
      07:56 AM PT
      
       
+      
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
index 3910cda2ff..ee0bb0ff9b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
@@ -40,6 +40,18 @@ Response actions run along the top of the file page, and include:
 
 You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
 
+Some actions require certain permissions. The following table describes what action certain permissions can take on portable executable (PE) and non-PE files:
+
+Permission | PE files | Non-PE files
+:---|:---|:---
+View data | X | X
+Alerts investigation | ☑ | X
+Live response basic | X | X
+Live response advanced | ☑ |☑
+
+For more information on roles, see [Create and manage roles for role-based access control](user-roles.md).
+
+
 ## Stop and quarantine files in your network
 
 You can contain an attack in your organization by stopping the malicious process and quarantining the file where it was observed.

From 516c549ca2cb0610b1e4310c150192aa11cf1aa9 Mon Sep 17 00:00:00 2001
From: Gary Burns <37640177+gaburn@users.noreply.github.com>
Date: Thu, 29 Aug 2019 12:07:48 -0700
Subject: [PATCH 042/113] Update
 microsoft-defender-atp-mac-install-with-intune.md

adding troubleshooting step for common 'no license found' issue
---
 .../microsoft-defender-atp-mac-install-with-intune.md       | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
index da2a6a8dcd..2f1cc97a92 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
@@ -166,6 +166,12 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
 
     ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
 
+## Troubleshooting
+
+Issue: No license found
+
+Solution: Follow steps above to create a device profile using WindowsDefenderATPOnboarding.xml
+
 ## Logging installation issues
 
 For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) .

From 17d4fb7dd81d08feee42855e0b5ee368c36658f3 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Thu, 29 Aug 2019 19:00:31 -0700
Subject: [PATCH 043/113] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20190829175859 (#1012) (#1013)

---
 windows/release-information/windows-message-center.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index a69de08f66..eee75f9b25 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       
      MessageDate
      Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
      Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
      		August 29, 2019 
      08:00 AM PT
      
       
      Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
      Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
      		August 23, 2019 
      03:35 PM PT
      
       
      Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019 
      The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

      There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

      To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
      		August 23, 2019 
      02:17 PM PT
      
       
      Resolved:  Delays starting Internet Explorer 11
      On August 16, 2019 at 7:16 AM a server required for downloading the Internet Explorer 11 (IE11) startup page, went down. As a result of the server outage, IE 11 became unresponsive for some customers who had not yet installed the August 2019 security updates. Customers who had the August 2019 security update installed were not affected. In order to ensure your devices remain in a serviced and secure state, we recommend you install the latest monthly update.

      This issue was resolved on the server side at 1:00 pm PST. 
      		August 16, 2019 
      04:00 PM PT
      
       
+      

From a7f9fd7adfa4087f3b930cbfc98cb98ebea98ab1 Mon Sep 17 00:00:00 2001
From: Tom Henderson 
Date: Fri, 30 Aug 2019 15:43:49 +1200
Subject: [PATCH 044/113] Add page for Audit Token Right Adjusted

---
 ...advanced-security-audit-policy-settings.md |  2 +-
 .../auditing/audit-token-right-adjusted.md    | 27 +++++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 windows/security/threat-protection/auditing/audit-token-right-adjusted.md

diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
index 6ad79e3e33..7d1e22bb7a 100644
--- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
@@ -65,7 +65,7 @@ Detailed Tracking security policy settings and audit events can be used to monit
 - [Audit Process Termination](audit-process-termination.md)
 - [Audit RPC Events](audit-rpc-events.md)
 - [Audit Credential Validation](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-credential-validation)
-  > **Note:**  For more information, see [Security Monitoring](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/)
+- [Audit Token Right Adjusted](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-token-right-adjusted)
 
 ## DS Access
 
diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
new file mode 100644
index 0000000000..560a49db64
--- /dev/null
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -0,0 +1,27 @@
+---
+title: Audit Token Right Adjusted (Windows 10)
+description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Token Right Adjusted, which determines whether the operating system generates audit events when specific changes are made to the priveleges of a token.
+---
+
+# Audit Token Right Adjusted
+
+**Applies to**
+-   Windows 10
+-   Windows Server 2016
+
+
+Audit Token Right Adjusted allows you to audit events generated by adjusting the priveleges of a token. 
+
+For more information, see [Security Monitoring: A Possible New Way to Detect Privilege Escalation](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/)
+
+| Computer Type     | General Success | General Failure | Stronger Success | Stronger Failure | Comments                                                                                                                                                                                                                                                                                                                                                                                                                                            |
+|-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the proveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the proveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the proveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+
+**Events List:**
+
+-   [4703](event-4703.md)(S): A user right was adjusted.
+
+**Event volume**: High.

From c084d21ab6ad7c1165155315bd50591504fb4e66 Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Fri, 30 Aug 2019 11:11:11 -0700
Subject: [PATCH 045/113] CAT Auto Pulish for Windows Release Messages -
 CAT_AutoPublish_20190830100739 (#1018) (#1019)

---
 .../resolved-issues-windows-10-1903.yml       | 21 +++++++++++++++
 .../status-windows-10-1903.yml                | 26 +++++++++----------
 .../windows-message-center.yml                |  1 +
 3 files changed, 35 insertions(+), 13 deletions(-)

diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml
index 46128ad713..e3349d1356 100644
--- a/windows/release-information/resolved-issues-windows-10-1903.yml
+++ b/windows/release-information/resolved-issues-windows-10-1903.yml
@@ -32,6 +32,12 @@ sections:
   - type: markdown
     text: "
       
      MessageDate
      Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
      We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
      		August 29, 2019 
      04:39 PM PT
      
       
      Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
      Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
      		August 29, 2019 
      08:00 AM PT
      
       
      Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
      Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
      		August 23, 2019 
      03:35 PM PT
      
       
      Take action: Windows 10, version 1703 (the Windows 10 Creators Update) reaches end of life on October 9, 2019 
      The Enterprise and Education editions of Windows 10, version 1703 (the Windows 10 Creators Update) will reach end of life on October 9, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions reached end of service on October 8, 2018.

      There is no extended support available for any edition of Windows 10, version 1703. Therefore, it will no longer be supported after October 9, 2019 and will not receive monthly security and quality updates containing protections from the latest security threats.

      To continue receiving security and quality updates, Microsoft recommends that you update your devices to the latest version of Windows 10. For more information on end of service dates and currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
      		August 23, 2019 
      02:17 PM PT
      
+      
+      
+      
+      
+      
+      
@@ -58,10 +64,24 @@ sections:
   - type: markdown
     text: "
       
      SummaryOriginating updateStatusDate resolved
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Issues updating when certain versions of Intel storage drivers are installed
      Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

      See details >      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      
       
      MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
      You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved External
      		August 09, 2019 
      07:03 PM PT
      
       
      Display brightness may not respond to adjustments
      Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      KB4505903      		July 26, 2019 
      02:00 PM PT
      
       
      RASMAN service may stop working and result in the error “0xc0000005”
      The Remote Access Connection Manager (RASMAN) service may stop working and result in the error “0xc0000005” with VPN profiles configured as an Always On VPN connection.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4505903      		July 26, 2019 
      02:00 PM PT
      
+      
      DetailsOriginating updateStatusHistory
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.

      Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

      Back to top      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      August 14, 2019 
      03:34 PM PT
      
       
      MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
      You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved External
      		Last updated:
      August 09, 2019 
      07:03 PM PT

      Opened:
      August 09, 2019 
      04:25 PM PT
      
       
      
       "
 
+- title: July 2019
+- items:
+  - type: markdown
+    text: "
+      
+      
+      
+      
+      
+      
      DetailsOriginating updateStatusHistory
      Issues updating when certain versions of Intel storage drivers are installed
      Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

      To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

      Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Workaround: To mitigate this issue before the safeguard hold is removed, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

      Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Resolution: This issue was resolved in KB4512941.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

      Affected platforms:
      • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
      Resolution: This issue was resolved in KB4512941.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 10, 2019 
      02:51 PM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

      To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

      Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
      HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
      Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      
+      "
+
 - title: June 2019
 - items:
   - type: markdown
@@ -77,6 +97,7 @@ sections:
   - type: markdown
     text: "
       
+      
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml
index ceed17f7b4..5dd768299d 100644
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@@ -65,18 +65,18 @@ sections:
   - type: markdown
     text: "
      This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

      DetailsOriginating updateStatusHistory
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue was resolved in KB4512941.

      Back to top      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      May 24, 2019 
      04:20 PM PT
      
       
      Display brightness may not respond to adjustments
      Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

      To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      KB4505903      		Resolved:
      July 26, 2019 
      02:00 PM PT

      Opened:
      May 21, 2019 
      07:56 AM PT
      
       
      Loss of functionality in Dynabook Smartphone Link app
      Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

      To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

      Back to top      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Resolved
      		Resolved:
      July 11, 2019 
      01:54 PM PT

      Opened:
      May 24, 2019 
      03:10 PM PT
      
       
      Error attempting to update with external USB device or memory card attached 
      If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

      Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

      Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

      To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      		Resolved:
      July 11, 2019 
      01:53 PM PT

      Opened:
      May 21, 2019 
      07:38 AM PT
      
       
      
-      
-      
+      
+      
+      
+      
+      
+      
-      
-      
-      
-      
@@ -95,7 +95,7 @@ sections:
   - type: markdown
     text: "
       
      SummaryOriginating updateStatusLast updated
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

      See details >      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Investigating
      KB4512941      		August 20, 2019 
      11:06 AM PT
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Investigating
      KB4512941      		August 17, 2019 
      01:49 PM PT
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Issues updating when certain versions of Intel storage drivers are installed
      Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

      See details >      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		August 30, 2019 
      10:00 AM PT
      
       
      Updates may fail to install and you may receive Error 0x80073701
      Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		August 16, 2019 
      04:28 PM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		August 13, 2019 
      06:59 PM PT
      
       
      MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
      You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved External
      		August 09, 2019 
      07:03 PM PT
      Issues updating when certain versions of Intel storage drivers are installed
      Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Mitigated External
      		August 09, 2019 
      07:03 PM PT
      
       
      Intermittent loss of Wi-Fi connectivity
      Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. 

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated External
      		August 01, 2019 
      08:44 PM PT
      
       
      Gamma ramps, color profiles, and night light settings do not apply in some cases
      Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		August 01, 2019 
      06:27 PM PT
      
       
      Display brightness may not respond to adjustments
      Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      KB4505903      		July 26, 2019 
      02:00 PM PT
      
       
      The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
      Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		July 16, 2019 
      09:04 AM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

      See details >      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Mitigated
      KB4512941      		July 10, 2019 
      07:09 PM PT
      
       
      Unable to discover or connect to Bluetooth devices
      Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		May 21, 2019 
      04:48 PM PT
      
       
      Intel Audio displays an intcdaud.sys notification
      Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.  

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		May 21, 2019 
      04:47 PM PT
      
       
      Cannot launch Camera app 
      Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

      See details >      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		May 21, 2019 
      04:47 PM PT
      
-      
+      
      DetailsOriginating updateStatusHistory
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Next steps: Microsoft is working on a resolution and estimates a solution will be available late August. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive the update once it is released.

      Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

      Back to top      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Investigating
      KB4512941      		Last updated:
      August 17, 2019 
      01:49 PM PT

      Opened:
      August 14, 2019 
      03:34 PM PT
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.

      Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

      Back to top      		OS Build 18362.295

      August 13, 2019
      KB4512508      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      August 14, 2019 
      03:34 PM PT
      
       
      Updates may fail to install and you may receive Error 0x80073701
      Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		Last updated:
      August 16, 2019 
      04:28 PM PT

      Opened:
      August 16, 2019 
      01:41 PM PT
      
       
      MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
      You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved External
      		Last updated:
      August 09, 2019 
      07:03 PM PT

      Opened:
      August 09, 2019 
      04:25 PM PT
      
       
      
@@ -106,12 +106,12 @@ sections:
   - type: markdown
     text: "
       
-      
-      
+      
+      
+      
+      
-      
-      
      DetailsOriginating updateStatusHistory
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

      To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

      Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
      HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
      Next steps: At this time, we suggest that devices in an affected environment do not install KB4497935. We are working on a resolution and estimate a solution will be available in late August.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		Last updated:
      August 13, 2019 
      06:59 PM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      Issues updating when certain versions of Intel storage drivers are installed
      Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

      To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

      Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Workaround: To mitigate this issue before the resolution is released, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

      Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

      Next Steps: We are working on a resolution and estimate a solution will be available in late August.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Mitigated External
      		Last updated:
      August 09, 2019 
      07:03 PM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      Issues updating when certain versions of Intel storage drivers are installed
      Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

      To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

      Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Workaround: To mitigate this issue before the safeguard hold is removed, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

      Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Resolution: This issue was resolved in KB4512941.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

      Affected platforms:
      • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
      Resolution: This issue was resolved in KB4512941.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 10, 2019 
      02:51 PM PT
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

      To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

      Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
      HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

      Affected platforms:
      • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
      • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
      Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      July 25, 2019 
      06:10 PM PT
      
       
      The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
      Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.

      To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      		Last updated:
      July 16, 2019 
      09:04 AM PT

      Opened:
      July 12, 2019 
      04:20 PM PT
      Initiating a Remote Desktop connection may result in black screen
      When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

      Affected platforms:
      • Client: Windows 10, version 1903
      • Server: Windows Server, version 1903
      Next steps: We are working on a resolution that will be made available in upcoming release.

      Back to top      		OS Build 18362.145

      May 29, 2019
      KB4497935      		Investigating
      KB4512941      		Last updated:
      July 12, 2019 
      04:42 PM PT

      Opened:
      July 12, 2019 
      04:42 PM PT
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

      Affected platforms:
      • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
      Workaround: 
      To mitigate this issue on an SCCM server:
      1. Verify Variable Window Extension is enabled.
      2. Set the values of TFTP block size to 4096 and TFTP window size to 1. For guidance on how to configure them, see Customize the RamDisk TFTP block and window sizes on PXE-enabled distribution points.
      Note Try the default values for TFTP block size and TFTP window size first but depending on your environment and overall settings, you may need to adjust them for your setup. You can also try the Enable a PXE responder without Windows Deployment Service setting. For more information on this setting, see Install and configure distribution points in Configuration Manager.

      To mitigate this issue on a WDS server without SCCM:
      1. In WDS TFTP settings, verify Variable Window Extension is enabled.
      2. In the Boot Configuration Data (BCD) of the imported image, set RamDiskTFTPBlockSize to 1456.
      3. In the BCD of the imported image, set RamDiskTFTPWindowSize to 4.
      Note Try the default values for RamDiskTFTPBlockSize and RamDiskTFTPWindowSize first but depending on your environment and overall settings, you may need to adjust them for your setup.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.175

      June 11, 2019
      KB4503293      		Mitigated
      KB4512941      		Last updated:
      July 10, 2019 
      07:09 PM PT

      Opened:
      July 10, 2019 
      02:51 PM PT
      
       
      
       "
 
@@ -120,7 +120,7 @@ sections:
   - type: markdown
     text: "
       
-      
+      
diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml
index eee75f9b25..2785208d7d 100644
--- a/windows/release-information/windows-message-center.yml
+++ b/windows/release-information/windows-message-center.yml
@@ -50,6 +50,7 @@ sections:
     text: "
       
      DetailsOriginating updateStatusHistory
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

      Affected platforms:
      • Client: Windows 10, version 1903
      Next steps: We are working on a resolution and estimates a solution will be available in late August.

      Back to top      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Investigating
      KB4512941      		Last updated:
      August 20, 2019 
      11:06 AM PT

      Opened:
      May 24, 2019 
      04:20 PM PT
      Windows Sandbox may fail to start with error code “0x80070002”
      Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue was resolved in KB4512941.

      Back to top      		OS Build 18362.116

      May 20, 2019
      KB4505057      		Resolved
      KB4512941      		Resolved:
      August 30, 2019 
      10:00 AM PT

      Opened:
      May 24, 2019 
      04:20 PM PT
      
       
      Intermittent loss of Wi-Fi connectivity
      Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

      To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

      Affected platforms:
      • Client: Windows 10, version 1903
      Workaround: Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).
       
      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated External
      		Last updated:
      August 01, 2019 
      08:44 PM PT

      Opened:
      May 21, 2019 
      07:13 AM PT
      
       
      Gamma ramps, color profiles, and night light settings do not apply in some cases
      Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

      Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
      • Connecting to (or disconnecting from) an external monitor, dock, or projector
      • Rotating the screen
      • Updating display drivers or making other display mode changes
      • Closing full screen applications
      • Applying custom color profiles
      • Running applications that rely on custom gamma ramps
      Affected platforms:
      • Client: Windows 10, version 1903
      Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

      Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

      Next steps: We are working on a resolution and will provide an update in an upcoming release.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Mitigated
      		Last updated:
      August 01, 2019 
      06:27 PM PT

      Opened:
      May 21, 2019 
      07:28 AM PT
      
       
      Display brightness may not respond to adjustments
      Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

      To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

      Affected platforms:
      • Client: Windows 10, version 1903
      Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

      Back to top      		OS Build 18362.116

      May 21, 2019
      KB4505057      		Resolved
      KB4505903      		Resolved:
      July 26, 2019 
      02:00 PM PT

      Opened:
      May 21, 2019 
      07:56 AM PT
      
       
+      

From a3e8df7887360386fd8e2ca063a005b2d97f9467 Mon Sep 17 00:00:00 2001
From: illfated 
Date: Sun, 1 Sep 2019 14:02:42 +0200
Subject: [PATCH 046/113] Windows/What's New: amend broken link in See Also

The first link under "See Also",
"What's New in Windows Server, version 1903" ,
is broken because it points to the wrong directory for the file
'whats-new-in-windows-server-1903' which resides in the new directory
/get-started-19/ instead of the old directory /get-started/.

This directory difference is only present in the docs.microsoft.com
pages, not on Github. The links are therefore pointing directly to the
docs.microsoft.com pages instead of being relative to the Github
directory structure.

Broken link:
https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903

Operative link:
https://docs.microsoft.com/windows-server/get-started-19/whats-new-in-windows-server-1903

Closes #4784
---
 windows/whats-new/whats-new-windows-10-version-1903.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/whats-new-windows-10-version-1903.md b/windows/whats-new/whats-new-windows-10-version-1903.md
index 0301b62f00..ffee11cd13 100644
--- a/windows/whats-new/whats-new-windows-10-version-1903.md
+++ b/windows/whats-new/whats-new-windows-10-version-1903.md
@@ -144,7 +144,7 @@ Several new features are coming in the next version of Edge. See the [news from
 
 ## See Also
 
-[What's New in Windows Server, version 1903](https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903): New and updated features in Windows Server.
      
+[What's New in Windows Server, version 1903](https://docs.microsoft.com/windows-server/get-started-19/whats-new-in-windows-server-1903): New and updated features in Windows Server.
      
 [Windows 10 Features](https://www.microsoft.com/windows/features): Review general information about Windows 10 features.
      
 [What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.
      
 [What's new in Windows 10](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-windows): See what’s new in Windows 10 hardware.
      

From 8a614b51efd80cfca739e6587d683bd0f07fd096 Mon Sep 17 00:00:00 2001
From: Zhanguo Tu 
Date: Mon, 2 Sep 2019 09:55:46 +0800
Subject: [PATCH 047/113] Update TOC.md

---
 mdop/mbam-v25/TOC.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mdop/mbam-v25/TOC.md b/mdop/mbam-v25/TOC.md
index a33c126e12..01a083b8b8 100644
--- a/mdop/mbam-v25/TOC.md
+++ b/mdop/mbam-v25/TOC.md
@@ -83,6 +83,7 @@
 #### [Monitoring Web Service Request Performance Counters](monitoring-web-service-request-performance-counters.md)
 ### [Using Windows PowerShell to Administer MBAM 2.5](using-windows-powershell-to-administer-mbam-25.md)
 ## [Troubleshooting MBAM 2.5](troubleshooting-mbam-25.md)
+### [Upgrade from MBAM 2.5 to MBAM 2.5 SP1](upgrade-mbam2.5-sp1.md)
 ## [Applying hotfixes on MBAM 2.5 SP1](apply-hotfix-for-mbam-25-sp1.md)
 ## [Technical Reference for MBAM 2.5](technical-reference-for-mbam-25.md)
 ### [Client Event Logs](client-event-logs.md)

From 07d09292c1005a1b658720717ec4cd07b6a3151d Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Mon, 2 Sep 2019 09:25:55 +0500
Subject: [PATCH 048/113] Added multifactor unlock

Added multifactor unlock feature update using Passport for work CSP.

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4700
---
 .../hello-for-business/feature-multifactor-unlock.md             | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
index 662c89648d..9f9b53626a 100644
--- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
+++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
@@ -332,6 +332,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H
 > * PIN **must** be in at least one of the groups
 > * Trusted signals **must** be combined with another credential provider
 > * You cannot use the same unlock factor to satisfy both categories. Therefore, if you include any credential provider in both categories, it means it can satisfy either category, but not both.
+> * The multifactor unlock feature is also supported via the Passport for Work CSP, see [Passport For Work CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp).
 
 1. Start the **Group Policy Management Console** (gpmc.msc)
 2. Expand the domain and select the **Group Policy Object** node in the navigation pane.

From 4c85b8800c95420fb095edb509032c63dbff1f63 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Mon, 2 Sep 2019 11:58:00 +0300
Subject: [PATCH 049/113] Added policies for 1803 and 1809 (1903 not out yet)

https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3912
---
 .../new-policies-for-windows-10.md            | 226 ++++++++++++++++++
 1 file changed, 226 insertions(+)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index 2c02926ece..35b4cfd10c 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -25,6 +25,232 @@ ms.topic: reference
 
 Windows 10 includes the following new policies for management. [Download the complete set of Administrative Template (.admx) files for Windows 10](https://www.microsoft.com/download/details.aspx?id=56121).
 
+
+## New Group Policy settings in Windows 10, version 1809
+
+The following Group Policy settings were added in Windows 10, version 1809:
+
+**Start Menu and Taskbar**
+
+- Start Menu and Taskbar\Force Start to be either full screen size or menu size
+- Start Menu and Taskbar\Remove "Recently added" list from Start Menu
+- Start Menu and Taskbar\Remove All Programs list from the Start menu
+- Start Menu and Taskbar\Remove frequent programs list from the Start Menu
+
+**System**
+
+- System\Group Policy\Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services
+- System\Group Policy\Configure Applications preference extension policy processing
+- System\Group Policy\Configure Data Sources preference extension policy processing
+- System\Group Policy\Configure Devices preference extension policy processing
+- System\Group Policy\Configure Drive Maps preference extension policy processing
+- System\Group Policy\Configure Environment preference extension policy processing
+- System\Group Policy\Configure Files preference extension policy processing
+- System\Group Policy\Configure Folder Options preference extension policy processing
+- System\Group Policy\Configure Folders preference extension policy processing
+- System\Group Policy\Configure Ini Files preference extension policy processing
+- System\Group Policy\Configure Internet Settings preference extension policy processing
+- System\Group Policy\Configure Local Users and Groups preference extension policy processing
+- System\Group Policy\Configure Network Options preference extension policy processing
+- System\Group Policy\Configure Network Shares preference extension policy processing
+- System\Group Policy\Configure Power Options preference extension policy processing
+- System\Group Policy\Configure Printers preference extension policy processing
+- System\Group Policy\Configure Regional Options preference extension policy processing
+- System\Group Policy\Configure Registry preference extension policy processing
+- System\Group Policy\Configure Scheduled Tasks preference extension policy processing
+- System\Group Policy\Configure Services preference extension policy processing
+- System\Group Policy\Configure Shortcuts preference extension policy processing
+- System\Group Policy\Configure Start Menu preference extension policy processing
+- System\Group Policy\Logging and tracing\Configure Applications preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Data Sources preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Devices preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Drive Maps preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Environment preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Files preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Folder Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Folders preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Ini Files preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Internet Settings preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Local Users and Groups preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Network Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Network Shares preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Power Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Printers preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Regional Options preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Registry preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Scheduled Tasks preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Services preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Shortcuts preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure Start Menu preference logging and tracing
+- System\Kernel DMA Protection\Enumeration policy for external devices incompatible with Kernel DMA Protection
+- System\OS Policies\Allow Clipboard History
+- System\OS Policies\Allow Clipboard synchronization across devices
+
+**Windows Components**
+
+- Windows Components\Data Collection and Preview Builds\Configure Microsoft 365 Update Readiness upload endpoint
+- Windows Components\Data Collection and Preview Builds\Disable deleting diagnostic data
+- Windows Components\Data Collection and Preview Builds\Disable diagnostic data viewer.
+- Windows Components\Delivery Optimization\[Reserved for future use] Cache Server Hostname
+- Windows Components\Location and Sensors\Windows Location Provider\Turn off Windows Location Provider
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\DFS Management
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\File Server Resource Manager
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Share and Storage Management
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Storage Manager for SANs
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\DFS Management Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Disk Management Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\File Server Resource Manager Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Share and Storage Management Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Storage Manager for SANS Extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy Management Editor
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy Starter GPO Editor
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Application snap-ins
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Applications preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Control Panel Settings (Computers)
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Control Panel Settings (Users)
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Data Sources preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Devices preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Drive Maps preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Environment preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Files preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Folder Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Folders preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Ini Files preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Internet Settings preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Local Users and Groups preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Network Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Network Shares preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Power Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Preferences tab
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Printers preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Regional Options preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Registry preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Scheduled Tasks preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Services preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Shortcuts preference extension
+- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Start Menu preference extension
+- Windows Components\OOBE\Don't launch privacy settings experience on user logon
+- Windows Components\OOBE\Don't launch privacy settings experience on user logon
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Do not use Remote Desktop Session Host server IP address when virtual IP address is not available
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Select the network adapter to be used for Remote Desktop IP Virtualization
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Turn off Windows Installer RDS Compatibility
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Turn on Remote Desktop IP Virtualization
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Allow remote start of unlisted programs
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Turn off Fair Share CPU Scheduling
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Allow time zone redirection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow Clipboard redirection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection\Redirect only the default client printer
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection\Redirect only the default client printer
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\RD Connection Broker\Use RD Connection Broker load balancing
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Allow desktop composition for remote desktop sessions
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Always show desktop on connection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Do not allow font smoothing
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Remove remote desktop wallpaper
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\Set time limit for logoff of RemoteApp sessions
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\Set time limit for logoff of RemoteApp sessions
+- Windows Components\Windows Defender Antivirus\Configure detection for potentially unwanted applications
+- Windows Components\Windows Defender Antivirus\Scan\Configure low CPU priority for scheduled scans
+- Windows Components\Windows Defender Application Guard\Allow camera and microphone access in Windows Defender Application Guard
+- Windows Components\Windows Defender Application Guard\Allow users to trust files that open in Windows Defender Application Guard
+- Windows Components\Windows Defender Application Guard\Allow Windows Defender Application Guard to use Root Certificate Authorities from the user’s device
+- Windows Components\Windows Defender Application Guard\Configure additional sources for untrusted files in Windows Defender Application Guard.
+- Windows Components\Windows Hello for Business\Use Windows Hello for Business certificates as smart card certificates
+- Windows Components\Windows Media Player\Do Not Show First Use Dialog Boxes
+- Windows Components\Windows Media Player\Prevent Automatic Updates
+- Windows Components\Windows Media Player\Prevent CD and DVD Media Information Retrieval
+- Windows Components\Windows Media Player\Prevent Desktop Shortcut Creation
+- Windows Components\Windows Media Player\Prevent Media Sharing
+- Windows Components\Windows Media Player\Prevent Music File Media Information Retrieval
+- Windows Components\Windows Media Player\Prevent Quick Launch Toolbar Shortcut Creation
+- Windows Components\Windows Media Player\Prevent Radio Station Preset Retrieval
+- Windows Components\Windows Media Player\Prevent Video Smoothing
+- Windows Components\Windows Media Player\Networking\Configure HTTP Proxy
+- Windows Components\Windows Media Player\Networking\Configure MMS Proxy
+- Windows Components\Windows Media Player\Networking\Configure Network Buffering
+- Windows Components\Windows Media Player\Networking\Configure RTSP Proxy
+- Windows Components\Windows Media Player\Networking\Hide Network Tab
+- Windows Components\Windows Media Player\Networking\Streaming Media Protocols
+- Windows Components\Windows Media Player\Playback\Allow Screen Saver
+- Windows Components\Windows Media Player\Playback\Prevent Codec Download
+- Windows Components\Windows Media Player\User Interface\Do Not Show Anchor
+- Windows Components\Windows Media Player\User Interface\Hide Privacy Tab
+- Windows Components\Windows Media Player\User Interface\Hide Security Tab
+- Windows Components\Windows Media Player\User Interface\Set and Lock Skin
+- Windows Components\Windows Security\Account protection\Hide the Account protection area
+- Windows Components\Windows Security\App and browser protection\Hide the App and browser protection area
+- Windows Components\Windows Security\App and browser protection\Prevent users from modifying settings
+- Windows Components\Windows Security\Device performance and health\Hide the Device performance and health area
+- Windows Components\Windows Security\Device security\Disable the Clear TPM button
+- Windows Components\Windows Security\Device security\Hide the Device security area
+- Windows Components\Windows Security\Device security\Hide the Secure boot area
+- Windows Components\Windows Security\Device security\Hide the Security processor (TPM) troubleshooter page
+- Windows Components\Windows Security\Device security\Hide the TPM Firmware Update recommendation.
+- Windows Components\Windows Security\Enterprise Customization\Configure customized contact information
+- Windows Components\Windows Security\Enterprise Customization\Configure customized notifications
+- Windows Components\Windows Security\Enterprise Customization\Specify contact company name
+- Windows Components\Windows Security\Enterprise Customization\Specify contact email address or Email ID
+- Windows Components\Windows Security\Enterprise Customization\Specify contact phone number or Skype ID
+- Windows Components\Windows Security\Enterprise Customization\Specify contact website
+- Windows Components\Windows Security\Family options\Hide the Family options area
+- Windows Components\Windows Security\Firewall and network protection\Hide the Firewall and network protection area
+- Windows Components\Windows Security\Notifications\Hide all notifications
+- Windows Components\Windows Security\Notifications\Hide non-critical notifications
+- Windows Components\Windows Security\Systray\Hide Windows Security Systray
+- Windows Components\Windows Security\Virus and threat protection\Hide the Ransomware data recovery area
+- Windows Components\Windows Security\Virus and threat protection\Hide the Virus and threat protection area
+- Windows Components\Windows Update\Display options for update notifications
+- Windows Components\Windows Update\Remove access to "Pause updates" feature
+
+**Control Panel**
+
+- Control Panel\Settings Page Visibility
+- Control Panel\Regional and Language Options\Allow users to enable online speech recognition services
+
+**Network**
+
+- Network\Windows Connection Manager\Enable Windows to soft-disconnect a computer from a network
+
+
+## New Group Policy settings in Windows 10, version 1803
+
+The following Group Policy settings were added in Windows 10, version 1803:
+
+**System*
+
+- System\Credentials Delegation\Encryption Oracle Remediation
+- System\Group Policy\Phone-PC linking on this device
+- System\OS Policies\Allow upload of User Activities
+
+**Windows Components*
+
+- Windows Components\App Privacy\Let Windows apps access an eye tracker device
+- Windows Components\Cloud Content\Turn off Windows Spotlight on Settings
+- Windows Components\Data Collection and Preview Builds\Allow device name to be sent in Windows diagnostic data
+- Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in setting user interface
+- Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in change notifications
+- Windows Components\Delivery Optimization\Maximum Background Download Bandwidth (percentage)
+- Windows Components\Delivery Optimization\Maximum Foreground Download Bandwidth (percentage)
+- Windows Components\Delivery Optimization\Select the source of Group IDs
+- Windows Components\Delivery Optimization\Delay background download from http (in secs)
+- Windows Components\Delivery Optimization\Delay Foreground download from http (in secs)
+- Windows Components\Delivery Optimization\Select a method to restrict Peer Selection
+- Windows Components\Delivery Optimization\Set Business Hours to Limit Background Download Bandwidth
+- Windows Components\Delivery Optimization\Set Business Hours to Limit Foreground Download Bandwidth
+- Windows Components\IME\Turn on Live Sticker
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow video capture redirection
+- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Use hardware graphics adapters for all Remote Desktop Services sessions
+- Windows Components\Search\Allow Cortana Page in OOBE on an AAD account
+- Windows Components\Store\Disable all apps from Microsoft Store
+- Windows Components\Text Input\Allow Uninstallation of Language Features
+- Windows Components\Text Input\Improve inking and typing recognition
+- Windows Components\Windows Defender Application Guard\Allow hardware-accelerated rendering for Windows Defender Application Guard
+- Windows Components\Windows Defender Security Center\Account protection\Hide the Account protection area
+- Windows Components\Windows Defender Security Center\Device security\Hide the Device security area
+- Windows Components\Windows Defender Security Center\Device security\Hide the Security processor (TPM) troubleshooter page
+- Windows Components\Windows Defender Security Center\Device security\Hide the Secure boot area
+- Windows Components\Windows Defender Security Center\Virus and threat protection\Hide the Ransomware data recovery area
+
+
 ## New Group Policy settings in Windows 10, version 1709
 
 The following Group Policy settings were added in Windows 10, version 1709:

From 88cee50f852809e5743db575b710fe65c623ca15 Mon Sep 17 00:00:00 2001
From: Tom Henderson 
Date: Tue, 3 Sep 2019 08:16:55 +1200
Subject: [PATCH 050/113] Fix typo

---
 .../auditing/audit-token-right-adjusted.md                  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
index 560a49db64..714fa80c3b 100644
--- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -16,9 +16,9 @@ For more information, see [Security Monitoring: A Possible New Way to Detect Pri
 
 | Computer Type     | General Success | General Failure | Stronger Success | Stronger Failure | Comments                                                                                                                                                                                                                                                                                                                                                                                                                                            |
 |-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the proveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the proveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the proveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the priveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the priveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the priveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
 
 **Events List:**
 

From ed256e81f4283620414f325b25c53c0c153b1f9a Mon Sep 17 00:00:00 2001
From: Tom Henderson 
Date: Tue, 3 Sep 2019 09:50:58 +1200
Subject: [PATCH 051/113] Actually fix typos

---
 .../auditing/audit-token-right-adjusted.md             | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
index 714fa80c3b..1a3e4c8136 100644
--- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
+++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md
@@ -1,6 +1,6 @@
 ---
 title: Audit Token Right Adjusted (Windows 10)
-description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Token Right Adjusted, which determines whether the operating system generates audit events when specific changes are made to the priveleges of a token.
+description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Token Right Adjusted, which determines whether the operating system generates audit events when specific changes are made to the privileges of a token.
 ---
 
 # Audit Token Right Adjusted
@@ -10,15 +10,15 @@ description: This topic for the IT professional describes the Advanced Security
 -   Windows Server 2016
 
 
-Audit Token Right Adjusted allows you to audit events generated by adjusting the priveleges of a token. 
+Audit Token Right Adjusted allows you to audit events generated by adjusting the privileges of a token. 
 
 For more information, see [Security Monitoring: A Possible New Way to Detect Privilege Escalation](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/)
 
 | Computer Type     | General Success | General Failure | Stronger Success | Stronger Failure | Comments                                                                                                                                                                                                                                                                                                                                                                                                                                            |
 |-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the priveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the priveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
-| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the priveleges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Domain Controller | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Member Server     | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
+| Workstation       | IF              | No              | IF               | No               | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. |
 
 **Events List:**
 

From f3bce048b9cb1152c7949bb904fc11486efcff90 Mon Sep 17 00:00:00 2001
From: illfated 
Date: Tue, 3 Sep 2019 08:04:27 +0200
Subject: [PATCH 052/113] Windows Defender Antivirus: amend broken link

From the issue ticket
> Set-mppreference is configured with dead URL. (#4831)

- The link "Use the [Set-MpPreference][]" is broken,
  but without the empty brackets it will work as expected.
- Removing the redundant empty brackets after the next link too.

Closes #4831
---
 .../deploy-manage-report-windows-defender-antivirus.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
index 404e3d39cf..b95dce5844 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
@@ -41,7 +41,7 @@ Tool|Deployment options (2)|Management options (net
 Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management)  
 System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][]  
 Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
-PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference][] and [Update-MpSignature] [] cmdlets available in the Defender module|Use the appropriate [Get- cmdlets available in the Defender module][]
+PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
 Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
 Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD.
 

From ecc07a3487c26e0e15e2b6066ee7ae84051d68e9 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 3 Sep 2019 09:43:10 +0300
Subject: [PATCH 053/113] Update
 windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 windows/client-management/new-policies-for-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index 35b4cfd10c..7d31757868 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -215,7 +215,7 @@ The following Group Policy settings were added in Windows 10, version 1809:
 
 The following Group Policy settings were added in Windows 10, version 1803:
 
-**System*
+**System**
 
 - System\Credentials Delegation\Encryption Oracle Remediation
 - System\Group Policy\Phone-PC linking on this device

From aa75d27f9bccc7637ce7a58760934b6960efff87 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 3 Sep 2019 09:43:20 +0300
Subject: [PATCH 054/113] Update
 windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 windows/client-management/new-policies-for-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index 7d31757868..3f1b9ce27c 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -221,7 +221,7 @@ The following Group Policy settings were added in Windows 10, version 1803:
 - System\Group Policy\Phone-PC linking on this device
 - System\OS Policies\Allow upload of User Activities
 
-**Windows Components*
+**Windows Components**
 
 - Windows Components\App Privacy\Let Windows apps access an eye tracker device
 - Windows Components\Cloud Content\Turn off Windows Spotlight on Settings

From f6073c6357889d55ee521969c09c851905b77388 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Tue, 3 Sep 2019 12:24:57 +0500
Subject: [PATCH 055/113] Update upgrading-to-mbam-25-sp1-from-mbam-25.md

---
 .../upgrading-to-mbam-25-sp1-from-mbam-25.md       | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md b/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md
index d71c2b2b2a..4e0f5b098c 100644
--- a/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md
+++ b/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md
@@ -17,8 +17,8 @@ ms.date: 2/16/2018
 This topic describes the process for upgrading the Microsoft BitLocker Administration and Monitoring (MBAM) Server 2.5 and the MBAM Client from 2.5 to MBAM 2.5 SP1.
 
 ### Before you begin
-#### Download the July 2018 servicing release
-[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=57157)
+#### Download the May 2019 servicing release
+[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=58345)
 
 #### Verify the installation documentaion
 Verify you have a current documentation of your MBAM environment, including all server names, database names, service accounts and their passwords.
@@ -29,7 +29,7 @@ Verify you have a current documentation of your MBAM environment, including all
    Note: You will not see an option to remove the Databases; this is expected.  
 2. Install 2.5 SP1 (Located with MDOP - Microsoft Desktop Optimization Pack 2015 from the Volume Licensing Service Center site:  
 3. Do not configure it at this time 
-4. Install the July 2018 Rollup: https://www.microsoft.com/download/details.aspx?id=57157
+4. Install the May 2019 Rollup: https://www.microsoft.com/download/details.aspx?id=58345
 5. Using the MBAM Configurator; re-add the Reports role
 6. This will configure the SSRS connection using the latest MBAM code from the rollup 
 7. Using the MBAM Configurator; re-add the SQL Database role on the SQL Server.
@@ -40,13 +40,13 @@ Verify you have a current documentation of your MBAM environment, including all
 1. Using the MBAM Configurator; remove the Admin and Self Service Portals from  the IIS server
 2. Install MBAM 2.5 SP1
 3. Do not configure it at this time  
-4. Install the July 2018 Rollup on the IIS server(https://www.microsoft.com/download/details.aspx?id=57157)
+4. Install the May 2019 Rollup on the IIS server(https://www.microsoft.com/download/details.aspx?id=58345)
 5. Using the MBAM Configurator; re-add the Admin and Self Service Portals to the IIS server 
-6. This will configure the sites using the latest MBAM code from the July 2018 Rollup
+6. This will configure the sites using the latest MBAM code from the May 2019 Rollup
 7. Open an elevated command prompt, Type: **IISRESET** and Hit Enter.
  
 #### Steps to upgrade the MBAM Clients/Endpoints
 1. Uninstall the 2.5 Agent from client endpoints
 2. Install the 2.5 SP1 Agent on the client endpoints
-3. Push out the July 2018 Rollup Client update to clients running the 2.5 SP1 Agent 
-4. There is no need to uninstall the existing client prior to installing the July 2018 Rollup.  
+3. Push out the May 2019 Rollup Client update to clients running the 2.5 SP1 Agent 
+4. There is no need to uninstall the existing client prior to installing the May 2019 Rollup.  

From 53eaa08a1b37c95d929c75c9a83ec7d264dd6f1b Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 3 Sep 2019 10:25:23 +0300
Subject: [PATCH 056/113] Update
 windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/client-management/new-policies-for-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index 3f1b9ce27c..e5f5732613 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -69,7 +69,7 @@ The following Group Policy settings were added in Windows 10, version 1809:
 - System\Group Policy\Logging and tracing\Configure Files preference logging and tracing
 - System\Group Policy\Logging and tracing\Configure Folder Options preference logging and tracing
 - System\Group Policy\Logging and tracing\Configure Folders preference logging and tracing
-- System\Group Policy\Logging and tracing\Configure Ini Files preference logging and tracing
+- System\Group Policy\Logging and tracing\Configure INI Files preference logging and tracing
 - System\Group Policy\Logging and tracing\Configure Internet Settings preference logging and tracing
 - System\Group Policy\Logging and tracing\Configure Local Users and Groups preference logging and tracing
 - System\Group Policy\Logging and tracing\Configure Network Options preference logging and tracing

From cf79e40de47328bb67bf5b885e984a6e615b0058 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 3 Sep 2019 10:33:27 +0300
Subject: [PATCH 057/113] Update
 windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/client-management/new-policies-for-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index e5f5732613..ee17130e61 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -90,7 +90,7 @@ The following Group Policy settings were added in Windows 10, version 1809:
 
 - Windows Components\Data Collection and Preview Builds\Configure Microsoft 365 Update Readiness upload endpoint
 - Windows Components\Data Collection and Preview Builds\Disable deleting diagnostic data
-- Windows Components\Data Collection and Preview Builds\Disable diagnostic data viewer.
+- Windows Components\Data Collection and Preview Builds\Disable diagnostic data viewer
 - Windows Components\Delivery Optimization\[Reserved for future use] Cache Server Hostname
 - Windows Components\Location and Sensors\Windows Location Provider\Turn off Windows Location Provider
 - Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\DFS Management

From 1ce4d0d7674e6e863a0c271bd72e239e196f1c96 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 3 Sep 2019 11:07:28 +0300
Subject: [PATCH 058/113] Update
 windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/client-management/new-policies-for-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index ee17130e61..abfee61793 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -184,7 +184,7 @@ The following Group Policy settings were added in Windows 10, version 1809:
 - Windows Components\Windows Security\Device security\Hide the Device security area
 - Windows Components\Windows Security\Device security\Hide the Secure boot area
 - Windows Components\Windows Security\Device security\Hide the Security processor (TPM) troubleshooter page
-- Windows Components\Windows Security\Device security\Hide the TPM Firmware Update recommendation.
+- Windows Components\Windows Security\Device security\Hide the TPM Firmware Update recommendation
 - Windows Components\Windows Security\Enterprise Customization\Configure customized contact information
 - Windows Components\Windows Security\Enterprise Customization\Configure customized notifications
 - Windows Components\Windows Security\Enterprise Customization\Specify contact company name

From aae3562284c9035d0cfb8ca353970dceaf634521 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Tue, 3 Sep 2019 11:07:39 +0300
Subject: [PATCH 059/113] Update
 windows/client-management/new-policies-for-windows-10.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/client-management/new-policies-for-windows-10.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index abfee61793..da9546ba23 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -153,7 +153,7 @@ The following Group Policy settings were added in Windows 10, version 1809:
 - Windows Components\Windows Defender Application Guard\Allow camera and microphone access in Windows Defender Application Guard
 - Windows Components\Windows Defender Application Guard\Allow users to trust files that open in Windows Defender Application Guard
 - Windows Components\Windows Defender Application Guard\Allow Windows Defender Application Guard to use Root Certificate Authorities from the user’s device
-- Windows Components\Windows Defender Application Guard\Configure additional sources for untrusted files in Windows Defender Application Guard.
+- Windows Components\Windows Defender Application Guard\Configure additional sources for untrusted files in Windows Defender Application Guard
 - Windows Components\Windows Hello for Business\Use Windows Hello for Business certificates as smart card certificates
 - Windows Components\Windows Media Player\Do Not Show First Use Dialog Boxes
 - Windows Components\Windows Media Player\Prevent Automatic Updates

From 89ece6e3df1985982fef4813eccaf6a40b001cd3 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 3 Sep 2019 13:35:02 +0500
Subject: [PATCH 060/113] URL addition of OWA

Added URL for OWA attachment protection using WIP

Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3747
---
 .../recommended-network-definitions-for-wip.md                   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
index 0852a6c1be..80814f122c 100644
--- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
+++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md
@@ -35,6 +35,7 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc
 |-----------------------------|---------------------------------------------------------------------|
 |Office 365 for Business |
      • contoso.sharepoint.com
      • contoso-my.sharepoint.com
      • contoso-files.sharepoint.com
      • tasks.office.com
      • protection.office.com
      • meet.lync.com
      • teams.microsoft.com
       |
 |Yammer |
      • www.yammer.com
      • yammer.com
      • persona.yammer.com
       |
+|Outlook Web Access (OWA) |
      • attachments.office.net
       |
 |Microsoft Dynamics |contoso.crm.dynamics.com |
 |Visual Studio Online |contoso.visualstudio.com |
 |Power BI |contoso.powerbi.com |

From 30a8492341d7d78321b12a374d39cf58f82cdafa Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Tue, 3 Sep 2019 13:42:17 +0500
Subject: [PATCH 061/113] Update
 windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md

Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../hello-for-business/feature-multifactor-unlock.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
index 9f9b53626a..3da855c332 100644
--- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
+++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md
@@ -332,7 +332,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H
 > * PIN **must** be in at least one of the groups
 > * Trusted signals **must** be combined with another credential provider
 > * You cannot use the same unlock factor to satisfy both categories. Therefore, if you include any credential provider in both categories, it means it can satisfy either category, but not both.
-> * The multifactor unlock feature is also supported via the Passport for Work CSP, see [Passport For Work CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp).
+> * The multifactor unlock feature is also supported via the Passport for Work CSP. See [Passport For Work CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp) for more information.
 
 1. Start the **Group Policy Management Console** (gpmc.msc)
 2. Expand the domain and select the **Group Policy Object** node in the navigation pane.

From 92fd005e11a96dc29c4abbfc40007603cc7a039b Mon Sep 17 00:00:00 2001
From: Guy Reginiano <45633598+guregini@users.noreply.github.com>
Date: Tue, 3 Sep 2019 16:01:15 +0300
Subject: [PATCH 062/113] Fixed text

"Automated investigation" instead of "Alert"
---
 .../microsoft-defender-atp/automated-investigations.md        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
index 89c574f14d..0d2841c46b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
@@ -40,7 +40,7 @@ Entities are the starting point for Automated investigations. When an alert cont
 >- Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/en-us/help/4493464/windows-10-update-kb4493464)) or later
 >- Later versions of Windows 10
 
-The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.
+The Automated investigation starts by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.
 
 ### Details of an Automated investigation
 
@@ -85,4 +85,4 @@ The default machine group is configured for semi-automatic remediation. This mea
 When a pending action is approved, the entity is then remediated and this new state is reflected in the **Entities** tab of the investigation.
 
 ## Related topic
-- [Learn about the automated investigations dashboard](manage-auto-investigation.md)
\ No newline at end of file
+- [Learn about the automated investigations dashboard](manage-auto-investigation.md)

From dc36b076b83f6f87eb74e638edccc50d52760beb Mon Sep 17 00:00:00 2001
From: adrianwells 
Date: Tue, 3 Sep 2019 13:40:50 -0400
Subject: [PATCH 063/113] Update waas-overview.md

Corrected a typo
---
 windows/deployment/update/waas-overview.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index 49efd6e3b2..80a680fadf 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -132,7 +132,7 @@ Specialized systems—such as devices that control medical equipment, point-of-s
 > [!NOTE]
 > Windows 10 Enterprise LTSB is a separate Long Term Servicing Channel version.
 >
->Long-term Servicing channel is not intended for deployment on most or all the devicess in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.
+>Long-term Servicing channel is not intended for deployment on most or all the devices in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.
 
 Microsoft never publishes feature updates through Windows Update on devices that run Windows 10 Enterprise LTSB. Instead, it typically offers new LTSC releases every 2–3 years, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle.
 

From 70d8ed254957950bc37c00866b0d626d8c22c857 Mon Sep 17 00:00:00 2001
From: adrianwells 
Date: Tue, 3 Sep 2019 13:53:58 -0400
Subject: [PATCH 064/113] Update windows/deployment/update/waas-overview.md

Makes sense.

Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
 windows/deployment/update/waas-overview.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index 80a680fadf..02b95b42a5 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -132,7 +132,7 @@ Specialized systems—such as devices that control medical equipment, point-of-s
 > [!NOTE]
 > Windows 10 Enterprise LTSB is a separate Long Term Servicing Channel version.
 >
->Long-term Servicing channel is not intended for deployment on most or all the devices in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.
+> Long-term Servicing channel is not intended for deployment on most or all the devices in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.
 
 Microsoft never publishes feature updates through Windows Update on devices that run Windows 10 Enterprise LTSB. Instead, it typically offers new LTSC releases every 2–3 years, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle.
 

From 8b3979b9a55d226b6a8e52936d057f8812dcdacc Mon Sep 17 00:00:00 2001
From: John Liu <49762389+ShenLanJohn@users.noreply.github.com>
Date: Tue, 3 Sep 2019 14:02:07 -0700
Subject: [PATCH 065/113] CAT Auto Pulish for Windows Release Messages -
 20190903135254 (#1033)

* SIEM connector: change alert notion to Detection

* update casing and redirects

* remove space json file

* fix json

* CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190903123340 (#1031)
---
 .openpublishing.redirection.json              |  19 ++-
 .../resolved-issues-windows-10-1803.yml       |  10 ++
 ...indows-10-1809-and-windows-server-2019.yml |  12 --
 .../status-windows-10-1803.yml                |  10 ++
 .../status-windows-10-1903.yml                |   2 -
 windows/security/threat-protection/TOC.md     |  15 +--
 .../api-portal-mapping.md                     |  71 +++++-----
 .../configure-arcsight.md                     |  21 +--
 .../microsoft-defender-atp/configure-siem.md  |  35 ++---
 .../configure-splunk.md                       |  24 ++--
 .../enable-siem-integration.md                |  23 ++--
 .../get-ip-related-machines.md                | 122 ------------------
 .../is-domain-seen-in-org.md                  |  82 ------------
 .../microsoft-defender-atp/is-ip-seen-org.md  |  82 ------------
 .../microsoft-defender-atp/management-apis.md |   1 -
 .../microsoft-defender-atp/oldTOC.txt         |  15 +--
 .../pull-alerts-using-rest-api.md             |  48 +++----
 .../troubleshoot-siem.md                      |  10 +-
 18 files changed, 176 insertions(+), 426 deletions(-)
 delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/get-ip-related-machines.md
 delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md
 delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/is-ip-seen-org.md

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 16a10bcb81..95b887e08a 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -14778,7 +14778,7 @@
 {
 "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection-new.md",
 "redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts",
-"redirect_document_id": true
+"redirect_document_id": false
 },
 {
 "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md",
@@ -14788,7 +14788,7 @@
 {
 "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md",
 "redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-machines",
-"redirect_document_id": true
+"redirect_document_id": false
 },
 {
 "source_path": "windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md",
@@ -15131,6 +15131,21 @@
 "redirect_document_id": true
 },
 {
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/is-domain-seen-in-org.md",
+"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts",
+"redirect_document_id": false
+},
+{
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/get-ip-related-machines.md",
+"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts",
+"redirect_document_id": true
+},
+{
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp/is-ip-seen-org.md",
+"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp/exposed-apis-list",
+"redirect_document_id": false
+},
+{
 "source_path": "windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md",
 "redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/machineaction",
 "redirect_document_id": true
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml
index b3059b9fe8..f6b4c85fb6 100644
--- a/windows/release-information/resolved-issues-windows-10-1803.yml
+++ b/windows/release-information/resolved-issues-windows-10-1803.yml
@@ -32,6 +32,7 @@ sections:
   - type: markdown
     text: "
       
      MessageDate
      Status update: Windows 10, version 1903 \"D\" optional release available August 30th
      The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
      		August 30, 2019 
      08:00 AM PT
      
       
      Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
      We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
      		August 29, 2019 
      04:39 PM PT
      
       
      Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
      Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
      		August 29, 2019 
      08:00 AM PT
      
       
      Take action: SHA-2 code signing support guidance for Windows 7 SP1 and Windows Server 2008 RS2 SP1
      Windows 7 SP1 and Windows Server 2008 R2 SP1 update signatures are now SHA-2 based signatures and requires that SHA-2 support to be installed. For important customer guidance on installation and troubleshooting tips, please read the knowledge base article 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.
      		August 23, 2019 
      03:35 PM PT
      
+      
@@ -58,6 +59,15 @@ sections:
         
      
         
       
       "
+- title: September 2019
+- items:
+  - type: markdown
+    text: "
+      
      SummaryOriginating updateStatusDate resolved
      Notification issue: \"Your device is missing important security and quality fixes.\"
      Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

      See details >      		N/A 

      		Resolved
      		September 03, 2019 
      12:32 PM PT
      
       
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 17134.829

      June 11, 2019
      KB4503286      		Resolved
      KB4512509      		August 19, 2019 
      02:00 PM PT
      
       
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 17134.950

      August 13, 2019
      KB4512501      		Resolved
      KB4512509      		August 19, 2019 
      02:00 PM PT
      
       
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 17134.915

      July 16, 2019
      KB4507466      		Resolved
      KB4512501      		August 13, 2019 
      10:00 AM PT
      
+      
+      
      DetailsOriginating updateStatusHistory
      Notification issue: \"Your device is missing important security and quality fixes.\"
      Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes\" in the Windows Update dialog and a red \"!\" in the task tray on the Windows Update tray icon. This notification is intended for devices that are 90 days or more out of date, but some users with installed updates released in June or July also saw this notification.

      Affected platforms:
      • Client: Windows 10, version 1803
      • Server: Windows Server, version 1803
      Resolution: This issue was resolved on the server side on August 30, 2019. Only devices that are out of date by 90 days or more should now see the notification. No action is required by the user to resolve this issue. If you are still seeing the \"Your device is missing important security and quality fixes\" notification, we recommend selecting Check for Updates in the Windows Update dialog. For instructions, see Update Windows 10. Microsoft always recommends trying to keep your devices up to date, as the monthly updates contain important security fixes. 

      Back to top      		N/A 

      		Resolved
      		Resolved:
      September 03, 2019 
      12:32 PM PT

      Opened:
      September 03, 2019 
      12:32 PM PT
      
+      "
+
 - title: August 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
index c70c55ae78..99b8f5966a 100644
--- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
+++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
@@ -55,12 +55,6 @@ sections:
       
      End-user-defined characters (EUDC) may cause blue screen at startup
      If you enable per font end-user-defined characters (EUDC), the system may  stop working and a blue screen may appear at startup. 

      See details >      		OS Build 17763.404

      April 02, 2019
      KB4490481      		Resolved
      KB4493509      		April 09, 2019 
      10:00 AM PT
      
       
      MSXML6 may cause applications to stop responding 
      MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

      See details >      		OS Build 17763.253

      January 08, 2019
      KB4480116      		Resolved
      KB4493509      		April 09, 2019 
      10:00 AM PT
      
       
      Error 1309 when installing/uninstalling MSI or MSP files
      Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

      See details >      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4489899      		March 12, 2019 
      10:00 AM PT
      Internet Explorer may fail to load images
      Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

      See details >      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4482887      		March 01, 2019 
      10:00 AM PT
      First character of the Japanese era name not recognized
      The first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues.

      See details >      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4482887      		March 01, 2019 
      10:00 AM PT
      Applications using Microsoft Jet database and Access 95 file format stop working
      Applications that use a Microsoft Jet database with the Microsoft Access 9 file format may randomly stop working.

      See details >      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4482887      		March 01, 2019 
      10:00 AM PT
      Shared albums may not sync with iCloud for Windows
      Upgrade block: Apple has identified an incompatibility with iCloud for Windows (version 7.7.0.27) where users may experience issues updating or synching Shared Albums.

      See details >      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      KB4482887      		March 01, 2019 
      10:00 AM PT
      Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
      Upgrade block: Users may see an Intel Audio Display (intcdaud.sys) notification during setup for  devices with certain Intel Display Audio Drivers.

      See details >      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      KB4482887      		March 01, 2019 
      10:00 AM PT
      F5 VPN clients losing network connectivity 
      Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.

      See details >      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      KB4482887      		March 01, 2019 
      10:00 AM PT
      
       
      Global DNS outage affects Windows Update customers
      Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage. 

      See details >      		N/A 

      		Resolved
      		March 08, 2019 
      11:15 AM PT
      
       
      Apps may stop working after selecting an audio output device other than the default
      Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

      See details >      		OS Build 17763.348

      March 01, 2019
      KB4482887      		Resolved
      KB4490481      		April 02, 2019 
      10:00 AM PT
      
       
      
@@ -148,9 +142,6 @@ sections:
       
-      
-      
-      
      DetailsOriginating updateStatusHistory
      
       
      Embedded objects may display incorrectly
      Any compound document (OLE) server application that places embedded objects into the Windows Metafile (WMF) using the PatBlt API may display embedded objects incorrectly. 
       
      For example, if you paste a Microsoft Excel worksheet object into a Microsoft Word document, the cells may render with a different background color. 
       
      Affected platforms:  
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1  
      • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2  
      Resolution: This issue is resolved in KB4493509.  

      Back to top      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4493509      		Resolved:
      April 09, 2019 
      10:00 AM PT

      Opened:
      February 12, 2019 
      10:00 AM PT
      
       
      Error 1309 when installing/uninstalling MSI or MSP files
      After installing KB4487044, users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files. 

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
      • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
      Resolution: This issue is resolved in KB4489899

      Back to top      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4489899      		Resolved:
      March 12, 2019 
      10:00 AM PT

      Opened:
      February 12, 2019 
      10:00 AM PT
      Internet Explorer may fail to load images
      After installing KB4487044, Internet Explorer may fail to load images with a backslash (\\) in their relative source path.

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1
      Resolution: This issue is resolved in KB4482887.

      Back to top      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4482887      		Resolved:
      March 01, 2019 
      10:00 AM PT

      Opened:
      February 12, 2019 
      10:00 AM PT
      First character of the Japanese era name not recognized
      After installing KB4487044, the first character of the Japanese era name is not recognized as an abbreviation and may cause date parsing issues. 

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1
      • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: This issue is resolved in KB4482887

      Back to top      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4482887      		Resolved:
      March 01, 2019 
      10:00 AM PT

      Opened:
      February 12, 2019 
      10:00 AM PT
      Applications using Microsoft Jet database and Access 95 file format stop working
      Applications that use a Microsoft Jet database with the Microsoft Access 95 file format may randomly stop working.

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 7 SP1
      • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
      Resolution: This issue is resolved in KB4482887.

      Back to top      		OS Build 17763.316

      February 12, 2019
      KB4487044      		Resolved
      KB4482887      		Resolved:
      March 01, 2019 
      10:00 AM PT

      Opened:
      February 12, 2019 
      10:00 AM PT
      
       
      
       "
 
@@ -171,8 +162,5 @@ sections:
     text: "
       
-      
-      
-      
      DetailsOriginating updateStatusHistory
      
       
      Audio not working on monitors or TV connected to a PC via HDMI, USB, or DisplayPort
      Upgrade block: Microsoft has identified issues with certain new Intel display drivers. Intel inadvertently released versions of its display driver (versions 24.20.100.6344, 24.20.100.6345) to OEMs that accidentally turned on unsupported features in Windows. 
       
      As a result, after updating to Windows 10, version 1809, audio playback from a monitor or television connected to a PC via HDMI, USB-C, or a DisplayPort may not function correctly on devices with these drivers.
      Note: This Intel display driver issue is different from the Intel Smart Sound Technology driver (version 09.21.00.3755) audio issue previously documented.

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
      • Server: Windows Server, version 1809; Windows Server 2019 
      Next steps: Intel has released updated drivers to OEM device manufacturers. OEMs need to make the updated driver available via Windows Update. For more information, see the Intel Customer Support article.

      Resolution: Microsoft has removed the safeguard hold. 



      Back to top      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      		Resolved:
      May 21, 2019 
      07:42 AM PT

      Opened:
      November 13, 2018 
      10:00 AM PT
      Shared albums may not sync with iCloud for Windows
      Upgrade block: Users who attempt to install iCloud for Windows (version 7.7.0.27) will see a message displayed that this version iCloud for Windows isn't supported and the install will fail.

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
      • Server: Windows Server, version 1809; Windows Server 2019
      To ensure a seamless experience, Microsoft is blocking devices with iCloud for Windows (version 7.7.0.27) software installed from being offered Windows 10, version 1809 until this issue has been resolved. 

      We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool from the Microsoft software download website until this issue is resolved. 
       
      Resolution: Apple has released an updated version of iCloud for Windows (version 7.8.1) that resolves compatibility issues encountered when updating or synching Shared Albums after updating to Windows 10, version 1809. We recommend that you update your iCloud for Windows to version 7.8.1 when prompted before attempting to upgrade to Windows 10, version 1809. You can also manually download the latest version of iCloud for Windows by visiting https://support.apple.com/HT204283.

      Back to top      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      KB4482887      		Resolved:
      March 01, 2019 
      10:00 AM PT

      Opened:
      November 13, 2018 
      10:00 AM PT
      Intel Audio Display (intcdaud.sys) notification during Windows 10 Setup
      Upgrade block: Microsoft and Intel have identified a compatibility issue with a range of Intel Display Audio device drivers (intcdaud.sys, versions 10.25.0.3 - 10.25.0.8) that may result in excessive processor demand and reduced battery life. As a result, the update process to the Windows 10 October 2018 Update (Windows 10, version 1809) will fail and affected devices will automatically revert to the previous working configuration. 

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
      • Server: Windows Server, version 1809; Windows Server 2019
      If you see a \"What needs your attention\" notification during installation of the October 2018 Update, you have one of these affected drivers on your system. On the notification, click Back to remain on your current version of Windows 10. 
       
      To ensure a seamless experience, we are blocking devices from being offered the October 2018 Update until updated Intel device drivers are installed on your current operating system. We recommend that you do not attempt to manually update to Windows 10, version 1809, using the Update Now button or the Media Creation Tool from the Microsoft Software Download Center until newer Intel device drivers are available with the update. You can either wait for newer drivers to be installed automatically through Windows Update or check with your computer manufacturer for the latest device driver software availability and installation procedures. For more information about this issue, see Intel's customer support guidance.
       
      Resolution: This issue was resolved in KB4482887 and the upgrade block removed. 

      Back to top      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      KB4482887      		Resolved:
      March 01, 2019 
      10:00 AM PT

      Opened:
      November 13, 2018 
      10:00 AM PT
      F5 VPN clients losing network connectivity 
      Upgrade block: After updating to Windows 10, version 1809, F5 VPN clients may lose network connectivity when the VPN service is in a split tunnel configuration.

      Affected platforms:
      • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
      • Server: Windows Server, version 1809; Windows Server 2019
      Resolution: This issue was resolved in KB4482887 and the upgrade block removed. 

      Back to top      		OS Build 17763.134

      November 13, 2018
      KB4467708      		Resolved
      KB4482887      		Resolved:
      March 01, 2019 
      10:00 AM PT

      Opened:
      November 13, 2018 
      10:00 AM PT
      
       
      
       "
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml
index c9f0739b5a..fe3c6577c2 100644
--- a/windows/release-information/status-windows-10-1803.yml
+++ b/windows/release-information/status-windows-10-1803.yml
@@ -65,6 +65,7 @@ sections:
   - type: markdown
     text: "
      This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

      
       
+      
@@ -81,6 +82,15 @@ sections:
         
      
         
       
       "
+- title: September 2019
+- items:
+  - type: markdown
+    text: "
+      
      SummaryOriginating updateStatusLast updated
      Notification issue: \"Your device is missing important security and quality fixes.\"
      Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

      See details >      		N/A 

      		Resolved
      		September 03, 2019 
      12:32 PM PT
      
       
      Devices starting using PXE from a WDS or SCCM servers may fail to start
      Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

      See details >      		OS Build 17134.829

      June 11, 2019
      KB4503286      		Resolved
      KB4512509      		August 19, 2019 
      02:00 PM PT
      
       
      Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
      Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

      See details >      		OS Build 17134.950

      August 13, 2019
      KB4512501      		Resolved
      KB4512509      		August 19, 2019 
      02:00 PM PT
      
       
      Domain connected devices that use MIT Kerberos realms will not start up
      Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

      See details >      		OS Build 17134.915

      July 16, 2019
      KB4507466      		Resolved
      KB4512501      		August 13, 2019 
      10:00 AM PT
      
+      
+      
      DetailsOriginating updateStatusHistory
      Notification issue: \"Your device is missing important security and quality fixes.\"
      Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes\" in the Windows Update dialog and a red \"!\" in the task tray on the Windows Update tray icon. This notification is intended for devices that are 90 days or more out of date, but some users with installed updates released in June or July also saw this notification.

      Affected platforms:
      • Client: Windows 10, version 1803
      • Server: Windows Server, version 1803
      Resolution: This issue was resolved on the server side on August 30, 2019. Only devices that are out of date by 90 days or more should now see the notification. No action is required by the user to resolve this issue. If you are still seeing the \"Your device is missing important security and quality fixes\" notification, we recommend selecting Check for Updates in the Windows Update dialog. For instructions, see Update Windows 10. Microsoft always recommends trying to keep your devices up to date, as the monthly updates contain important security fixes. 

      Back to top      		N/A 

      		Resolved
      		Resolved:
      September 03, 2019 
      12:32 PM PT

      Opened:
      September 03, 2019 
      12:32 PM PT
      
+      "
+
 - title: August 2019
 - items:
   - type: markdown
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml
index 5dd768299d..72034e1a27 100644
--- a/windows/release-information/status-windows-10-1903.yml
+++ b/windows/release-information/status-windows-10-1903.yml
@@ -75,7 +75,6 @@ sections:
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
August 09, 2019
07:03 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
August 01, 2019
08:44 PM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
August 01, 2019
06:27 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		July 26, 2019
02:00 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 16, 2019
09:04 AM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:48 PM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
May 21, 2019
04:47 PM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4512941.

Back to top		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
May 24, 2019
04:20 PM PT
Intermittent loss of Wi-Fi connectivity
Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).
 
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
Last updated:
August 01, 2019
08:44 PM PT

Opened:
May 21, 2019
07:13 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
  • Connecting to (or disconnecting from) an external monitor, dock, or projector
  • Rotating the screen
  • Updating display drivers or making other display mode changes
  • Closing full screen applications
  • Applying custom color profiles
  • Running applications that rely on custom gamma ramps
Affected platforms:
  • Client: Windows 10, version 1903
Workaround: If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer. For other color setting issues, restart your computer to correct the issue.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
August 01, 2019
06:27 PM PT

Opened:
May 21, 2019
07:28 AM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		Resolved:
July 26, 2019
02:00 PM PT

Opened:
May 21, 2019
07:56 AM PT
Unable to discover or connect to Bluetooth devices
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

  • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
  • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:48 PM PT

Opened:
May 21, 2019
07:29 AM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
  
To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809
Workaround:
On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

Note We recommend you do not attempt to update your devices until newer device drivers are installed.

Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:22 AM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

\"Close other apps, error code: 0XA00F4243.”


To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To temporarily resolve this issue, perform one of the following:

  • Unplug your camera and plug it back in.

or

  • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

or

  • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
Note This workaround will only resolve the issue until your next system restart.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:20 AM PT
+ - @@ -80,9 +80,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
August 09, 2019
07:03 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Resolved
KB4507459		July 16, 2019
10:00 AM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
Internet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.

Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.

Back to top		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 26, 2019
04:58 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml index 22ddb295df..582aec0f1a 100644 --- a/windows/release-information/resolved-issues-windows-10-1703.yml +++ b/windows/release-information/resolved-issues-windows-10-1703.yml @@ -32,8 +32,8 @@ sections: - type: markdown text: " + - @@ -71,8 +71,8 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		August 13, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 15063.1988

August 13, 2019
KB4512507		Resolved
KB4512474		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved External
August 09, 2019
07:03 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		June 26, 2019
04:00 PM PT
- +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 9bf77f7d45..0cdbe87fcb 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -32,9 +32,9 @@ sections: - type: markdown text: " + - @@ -73,9 +73,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
August 09, 2019
07:03 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		June 18, 2019
02:00 PM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index f6b4c85fb6..174aa6ebe6 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -32,10 +32,10 @@ sections: - type: markdown text: " + - @@ -83,9 +83,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		August 13, 2019
10:00 AM PT
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >		N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
August 09, 2019
07:03 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		June 18, 2019
02:00 PM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index 99b8f5966a..81e2a0f077 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -32,9 +32,9 @@ sections: - type: markdown text: " + - @@ -82,9 +82,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
August 09, 2019
07:03 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
Devices with some Realtek Bluetooth radios drivers, in some circumstances, may have issues pairing or connecting to devices.

See details >		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		June 18, 2019
02:00 PM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index e3349d1356..56fb3d90af 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -32,12 +32,12 @@ sections: - type: markdown text: " + + - - @@ -74,11 +74,11 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
August 09, 2019
07:03 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		July 26, 2019
02:00 PM PT
RASMAN service may stop working and result in the error “0xc0000005”
The Remote Access Connection Manager (RASMAN) service may stop working and result in the error “0xc0000005” with VPN profiles configured as an Always On VPN connection.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4505903		July 26, 2019
02:00 PM PT
- + + -
DetailsOriginating updateStatusHistory
Issues updating when certain versions of Intel storage drivers are installed
Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Workaround: To mitigate this issue before the safeguard hold is removed, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Issues updating when certain versions of Intel storage drivers are installed
Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 12, 2019
04:42 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index fb76299a24..da23159b5b 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - @@ -95,9 +95,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Investigating
August 01, 2019
05:00 PM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503267 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512495.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507459. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512517. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
Internet Explorer 11 may fail to render some JavaScript after installing KB4507460. You may also have issues with apps using JavaScript or the WebBrowser control, such as the present PowerPoint feature of Skype Meeting Broadcast.

Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4512517.

Back to top		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 26, 2019
04:58 PM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index dbe7b4e91e..804da5f5fe 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -66,8 +66,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		August 13, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 15063.1988

August 13, 2019
KB4512507		Resolved
KB4512474		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
@@ -95,8 +95,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507467. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512507 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 9fa8392574..27e013f10f 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		August 16, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
@@ -90,9 +90,9 @@ sections: - type: markdown text: " + -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512494.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507465. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512516. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 16299.1296

July 16, 2019
KB4507465		Resolved
KB4512516		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index fe3c6577c2..5b3d8b4dd9 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -65,10 +65,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - @@ -106,9 +106,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		August 13, 2019
10:00 AM PT
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >		N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		August 19, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
August 09, 2019
07:03 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512509.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4507466. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512501. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17134.915

July 16, 2019
KB4507466		Resolved
KB4512501		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 5a2c3b8df0..d85effd748 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -64,9 +64,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - @@ -98,9 +98,9 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		August 17, 2019
02:00 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 17763.55

October 09, 2018
KB4464330		Investigating
August 01, 2019
05:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
June 14, 2019
04:41 PM PT
+ -
DetailsOriginating updateStatusHistory
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503327 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512534.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4505658. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4511553. To safeguard your upgrade experience, the compatibility hold on devices from being offered Windows 10, version 1903 or Windows Server, version 1903 is still in place. Once the issue is addressed on Windows 10, version 1903, this safeguard hold will be removed for all affected platforms. Check the Windows 10, version 1903 section of the release information dashboard for the most up to date information on this and other safeguard holds.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Back to top		OS Build 17763.652

July 22, 2019
KB4505658		Resolved
KB4511553		Resolved:
August 13, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 9201d1cb20..efe7452abd 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,13 +65,13 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ + - - @@ -115,11 +115,11 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Investigating
September 04, 2019
02:25 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 16, 2019
04:28 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
August 09, 2019
07:03 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
August 01, 2019
08:44 PM PT
- + + -
DetailsOriginating updateStatusHistory
Issues updating when certain versions of Intel storage drivers are installed
Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Workaround: To mitigate this issue before the safeguard hold is removed, you will need to update the Intel RST drivers for your device to version 15.5.2.1054 or a later.  Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You can also download the latest Intel RST drivers directly from Intel at Intel® Rapid Storage Technology (Intel® RST) User Interface and Driver. Once your drivers are updated, you can restart the installation process for Windows 10, version 1903. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
+

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Issues updating when certain versions of Intel storage drivers are installed
Intel and Microsoft have found incompatibility issues with certain versions of the Intel Rapid Storage Technology (Intel RST) drivers and the Windows 10 May 2019 Update (Windows 10, version 1903).  

To safeguard your update experience, we have applied a compatibility hold on devices with Intel RST drivers, versions 15.1.0.1002 through version 15.5.2.1053 installed from installing or being offered Windows 10, version 1903 or Windows Server, version 1903, until the driver has been updated.

Versions 15.5.2.1054 or later are compatible, and a device that has these drivers installed can install the Windows 10 May 2019 Update. For affected devices, the recommended version is 15.9.8.1050.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen. Any version of Windows may encounter this issue when initiating a Remote Desktop connection to a Windows 10, version 1903 device which is running an affected display driver, including the drivers for the Intel 4 series chipset integrated GPU (iGPU).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 12, 2019
04:42 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503293 on a WDS server.

Affected platforms:
  • Server: Windows Server 2008 SP2; Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server, version 1803; Windows Server 2019; Windows Server, version 1809; Windows Server, version 1903
Resolution: This issue was resolved in KB4512941.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 10, 2019
02:51 PM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after installation of KB4497935. Devices that are domain controllers or domain members are both affected.

To safeguard your update experience, we have applied a compatibility hold on devices configured to use MIT Kerberos realm from being offered Windows 10, version 1903 or Windows Server, version 1903.

Note If you are not sure if your device is affected, contact your administrator. Advanced users can check for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos or check if this registry key exists:
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\MitRealms
-

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016
Resolution: This issue was resolved in KB4512941. The safeguard hold is estimated to be removed in early September.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
July 25, 2019
06:10 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Microsoft has identified a compatibility issue on some Surface Book 2 devices configured with Nvidia discrete graphics processing unit (dGPU). After updating to Windows 10, version 1903 (May 2019 Feature Update), some apps or games that needs to perform graphics intensive operations may close or fail to open.

To safeguard your update experience, we have applied a compatibility hold on Surface Book 2 devices with Nvidia dGPUs from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To mitigate the issue if you are already on Windows 10, version 1903, you can restart the device or select the Scan for hardware changes button in the Action menu or on the toolbar in Device Manager.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
July 16, 2019
09:04 AM PT

Opened:
July 12, 2019
04:20 PM PT
" From 31dc5170cfee73155ccf1299e4f26386feffb4ea Mon Sep 17 00:00:00 2001 From: illfated Date: Sat, 7 Sep 2019 23:05:30 +0200 Subject: [PATCH 087/113] Enterprise Mode schema: convert Important notes As previously discussed in this PR, I have converted the **Important** section headings by using their MarkDown equivalent > [!IMPORTANT] (as well as adding the blockquote for its text content). --- .../enterprise-mode-schema-version-1-guidance.md | 4 ++-- .../enterprise-mode-schema-version-2-guidance.md | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md index a4391db8b0..292c85b771 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md @@ -30,8 +30,8 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th ## Enterprise Mode schema v.1 example The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1. -**Important** -Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com. +> [!IMPORTANT] +> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com. ```xml diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md index 489ffd391d..66a056c506 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md @@ -26,8 +26,8 @@ ms.date: 12/04/2017 Use the Enterprise Mode Site List Manager to create and update your site list for devices running Windows 7, Windows 8.1, and Windows 10, using the version 2.0 (v.2) of the Enterprise Mode schema. If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app. -**Important** -If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). +> [!IMPORTANT] +> If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). ## Enterprise Mode schema v.2 updates Because of the schema changes, you can't combine the old version (v.1) with the new version (v.2) of the schema. If you look at your XML file, you can tell which version you're using by: @@ -41,8 +41,8 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo ### Enterprise Mode v.2 schema example The following is an example of the v.2 version of the Enterprise Mode schema. -**Important** -Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com. +> [!IMPORTANT] +> Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com. ```xml @@ -284,8 +284,8 @@ With: While the old, replaced attributes aren't supported in the v.2 version of the schema, they'll continue to work in the v.1 version of the schema. If, however, you're using the v.2 version of the schema and these attributes are still there, the v.2 version schema takes precedence. We don’t recommend combining the two schemas, and instead recommend that you move to the v.2 version of the schema to take advantage of the new features. -**Important** -Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema. +> [!IMPORTANT] +> Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema. ### What not to include in your schema We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways: From 786c0bcc42f7f8ed7a08d5c1ebcce5426091f2ca Mon Sep 17 00:00:00 2001 From: Jonathan Gregson Date: Mon, 9 Sep 2019 08:05:50 -0700 Subject: [PATCH 088/113] Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md Per review. Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../configure-wd-app-guard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md index 4ec0350808..a039b631e7 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md @@ -33,7 +33,7 @@ These settings, located at **Computer Configuration\Administrative Templates\Net |Policy name|Supported versions|Description| |-----------|------------------|-----------| |Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.| -|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| +|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| |Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Notes: this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| ## Network isolation settings wildcards From 07b648846fe07223deeb6f682970eb8df4c0e81c Mon Sep 17 00:00:00 2001 From: Jonathan Gregson Date: Mon, 9 Sep 2019 08:06:15 -0700 Subject: [PATCH 089/113] Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md Per review. Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../configure-wd-app-guard.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md index a039b631e7..d79135d66a 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md @@ -34,7 +34,7 @@ These settings, located at **Computer Configuration\Administrative Templates\Net |-----------|------------------|-----------| |Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.| |Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| -|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Notes: this list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| +|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| ## Network isolation settings wildcards From 404ad6d084830e0824ab2c051f0826b72c8b9f3e Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 9 Sep 2019 15:33:38 -0700 Subject: [PATCH 090/113] updated links --- .openpublishing.redirection.json | 2 +- .../threat-protection/intelligence/ransomware-malware.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 16a10bcb81..2cc5313118 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -817,7 +817,7 @@ }, { "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md", -"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders-exploit-guard", +"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders", "redirect_document_id": true }, { diff --git a/windows/security/threat-protection/intelligence/ransomware-malware.md b/windows/security/threat-protection/intelligence/ransomware-malware.md index 5ebb6aa87a..b91211e7da 100644 --- a/windows/security/threat-protection/intelligence/ransomware-malware.md +++ b/windows/security/threat-protection/intelligence/ransomware-malware.md @@ -61,6 +61,6 @@ We recommend: * Educate your employees so they can identify social engineering and spear-phishing attacks. -* [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard). It can stop ransomware from encrypting files and holding the files for ransom. +* [Controlled folder access](../microsoft-defender-atp/controlled-folders.md). It can stop ransomware from encrypting files and holding the files for ransom. For more general tips, see [prevent malware infection](prevent-malware-infection.md). From efb0c53adb5a94214fa0abe82a36b95a467b9371 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 9 Sep 2019 17:28:11 -0700 Subject: [PATCH 091/113] Delete surface.yml Remove surface.yml --- devices/surface/surface.yml | 61 ------------------------------------- 1 file changed, 61 deletions(-) delete mode 100644 devices/surface/surface.yml diff --git a/devices/surface/surface.yml b/devices/surface/surface.yml deleted file mode 100644 index 8287763c1e..0000000000 --- a/devices/surface/surface.yml +++ /dev/null @@ -1,61 +0,0 @@ -### YamlMime:YamlDocument - -documentType: LandingData -title: Surface devices -metadata: - document_id: - title: Surface devices - description: Find tools, step-by-step guides, and other resources to help you plan, deploy, and manage Surface devices in your organization. - keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories - ms.localizationpriority: medium - author: lizap - ms.author: elizapo - manager: dougkim - ms.topic: article - ms.devlang: na - -sections: -- items: - - type: markdown - text: " - Find tools, step-by-step guides, and other resources to help you plan, deploy, and manage Surface devices in your organization. - " -- title: Explore -- items: - - type: markdown - text: " - Evaluate the Surface device portfolio, review the tools and technologies for management of your Surface devices, and learn about Surface technologies and devices with engineering walkthroughs.
- -

**Surface Pro**
Light enough to take anywhere. Powerful enough to use as a full desktop workstation.
See spec
**Surface Book**
Built for extreme performance. Lightning fast access to apps. Up to 16 hours of battery life.
See spec
**Surface Studio**
Professional-grade power and performance. Use it upright or draw on it like a drafting table.
See spec
- " -- title: Plan -- items: - - type: markdown - text: " - Explore essential concepts for the deployment of Windows 10 to Surface devices.
- -

**Try Windows 10 Enterprise free for 90 days**
Try the latest features. Test your apps, hardware, and deployment strategies.
Get started
**Windows 10 upgrade paths**
Upgrade to Windows 10 from a previous version, or from one edition to another.
Explore paths
**Prepare for Windows 10 deployment**
Get familiar with current deployment options and best practices.
Review options
- " -- title: Deploy -- items: - - type: markdown - text: " - Download deployment tools and get step-by-step guidance on how to upgrade a Surface device or deploy a new image.
- -

**Microsoft Deployment Toolkit (MDT)**
Automate Windows 10 deployment, and more easily manage security and configurations.
Download the toolkit
**System Center Configuration Manager**
Use in tandem with MDT to deploy Windows 10 and manage PCs and devices moving forward.
Download an eval
**Surface Deployment Accelerator**
Automate the creation and configuration of Windows images for Surface devices.
Download the accelerator
- " -- title: Manage -- items: - - type: markdown - text: " - Learn how to more easily manage and secure Surface devices in your organization.
- -

**Manage Surface firmware and driver updates**
Download the latest firmware and drivers for Surface devices.
Manage Surface Dock Updater.
Surface update history
**Discover Surface tools for IT**
Surface Diagnostic Toolkit
Surface Data Eraser
Surface Enterprise Management Mode
Surface Pro 3 Asset Tag CLI Utility
**Manage settings and devices**
Manage Windows corporate devices
Manage Surface UEFI Settings
Bitlocker PIN on Surface Pro 3 and other tablets
Enroll and configure Surface devices with SEMM
- " -- title: Stay informed -- items: - - type: markdown - text: " - -

**Surface IT Pro Blog**
Get insight into new Surface products plus tips and tricks for IT professionals.
Learn more
**Surface on Microsoft Mechanics**
View technical demos and walkthroughs of Surface devices, features, and functionality.
Get started
**Follow us on Twitter**
Keep up with the latest news and see the latest product demonstrations.
Visit Twitter
- " From b5634f37ccb5f0d098a81e7d766bfe537ee784c8 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 9 Sep 2019 17:51:46 -0700 Subject: [PATCH 092/113] Update surface-hub-2s-connect.md --- devices/surface-hub/surface-hub-2s-connect.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md index 500be048ca..4743891b0c 100644 --- a/devices/surface-hub/surface-hub-2s-connect.md +++ b/devices/surface-hub/surface-hub-2s-connect.md @@ -23,7 +23,7 @@ You can display content from your devices to Surface Hub 2S. If the source devic ## Recommended wired configurations -In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. Some configuration may be required to optimize the video-out experience; refer to the section below: [Mirroring Surface Hub 2S display on another device](#). +In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. Some configuration may be required to optimize the video-out experience; refer to the section below: [Mirroring Surface Hub 2S display on another device](#Mirroring-Surface-Hub-2S-display-on-another-device). | **Connection** | **Functionality** | **Description**| | --- | --- | ---| From 1a10852d7f309ffb14069d8779decae68fcfef7c Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 9 Sep 2019 22:35:33 -0700 Subject: [PATCH 093/113] Spelled out acronym, fixed typo --- .../microsoft-defender-atp/tvm-security-recommendation.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index f5dbb8135e..0c8c9f14f6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -23,12 +23,12 @@ ms.date: 04/11/2019 The cybersecurity weaknesses identified in your organization are mapped to actionable security recommendations and prioritized by their impact on the security recommendation list. Prioritized recommendation helps shorten the mean time to mitigate or remediate vulnerabilities and drive compliance. -Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and SCCM. It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment. +Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment. ## The basis of the security recommendation Each machine in the organization is scored based on three important factors: threat, likelihood to be breached, and value, to help customers to focus on the right things at the right time. -- Threat - Characteristics of the vulnerabilities and exploits in your organizations' devices and breach history. Based on these factors, the security recommendations shows the correponding links to active alerts, ongoing threat campaigns, and their corresponding threat analytic reports. +- Threat - Characteristics of the vulnerabilities and exploits in your organizations' devices and breach history. Based on these factors, the security recommendations shows the corresponding links to active alerts, ongoing threat campaigns, and their corresponding threat analytic reports. - Breach likelihood - Your organization's security posture and resilience against threats @@ -36,7 +36,7 @@ Each machine in the organization is scored based on three important factors: thr ## Navigate through your security recommendations -You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need as you require it. +You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need, as you require it. There are security recommendations for application, operating system, network, accounts, and security controls. From bde0753b44cb8d633a2cd0756ce2960d8c1c72ea Mon Sep 17 00:00:00 2001 From: martyav Date: Tue, 10 Sep 2019 11:24:32 -0400 Subject: [PATCH 094/113] correcting debranded eg redirects --- .openpublishing.redirection.json | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index d27244616a..5b3aa440d2 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -626,8 +626,13 @@ "redirect_document_id": true }, { +"source_path": "windows/security/threat-protection/windows-defender-exploit-guard/oldtoc.md", +"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection", +"redirect_document_id": false +}, +{ "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md", -"redirect_url": "windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3", +"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3", "redirect_document_id": true }, { @@ -817,7 +822,7 @@ }, { "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md", -"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders-exploit-guard", +"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders", "redirect_document_id": true }, { @@ -887,7 +892,7 @@ }, { "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md", -"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/evaluate-windows-defender", +"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp", "redirect_document_id": true }, { @@ -907,7 +912,7 @@ }, { "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md", -"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-exploit-guard", +"redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/exploit-protection", "redirect_document_id": true }, { From f3a940cbfbe1ac959acc09333bf3942abd28bb99 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 10 Sep 2019 08:28:29 -0700 Subject: [PATCH 095/113] Update surface-hub-2s-connect.md --- devices/surface-hub/surface-hub-2s-connect.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md index 4743891b0c..db57e3ee37 100644 --- a/devices/surface-hub/surface-hub-2s-connect.md +++ b/devices/surface-hub/surface-hub-2s-connect.md @@ -14,7 +14,7 @@ ms.localizationpriority: Medium --- # Connect devices to Surface Hub 2S -Surface Hub 2S lets you connect external devices, mirror the display on Surface Hub 2S to another device, and connect a wide variety of third-party peripherals including video conference cameras, conference phones, and room system devices. +Surface Hub 2S lets you connect external devices, mirror the display on Surface Hub 2S to another device, and connect multiple third-party peripherals including video conference cameras, conference phones, and room system devices. You can display content from your devices to Surface Hub 2S. If the source device is Windows-based, that device can also provide TouchBack and InkBack, which takes video and audio from the connected device and presents them on Surface Hub 2S. If Surface Hub 2S encounters a High-Bandwidth Digital Content Protection (HDCP) signal, such as a Blu-ray DVD player, the source is displayed as a black image. From 483934a83d80a5f70956a7e2963c99fbf30078c9 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 10 Sep 2019 08:34:26 -0700 Subject: [PATCH 096/113] Update whiteboard-collaboration.md --- devices/surface-hub/whiteboard-collaboration.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/devices/surface-hub/whiteboard-collaboration.md b/devices/surface-hub/whiteboard-collaboration.md index c5e5a979bf..1b85feaf12 100644 --- a/devices/surface-hub/whiteboard-collaboration.md +++ b/devices/surface-hub/whiteboard-collaboration.md @@ -12,8 +12,6 @@ manager: dansimp ms.localizationpriority: medium --- -# Set up and use Microsoft Whiteboard - # Set up and use Microsoft Whiteboard The Microsoft Whiteboard app includes the capability for Surface Hubs and other devices to collaborate in real time on the same board. @@ -31,7 +29,7 @@ To use whiteboard collaboration complete the following actions: - You can only run collaborative sessions among users belonging to the same Office 365 tenant. - Office 365 Germany or Office 365 operated by 21Vianet do not support whiteboard collaboration. -## Using Whiteboard collaboration +## Collaborating with whiteboards To start a collaboration session: From acf3e6d553a7d545a444bac15c3b24bf1e8cf859 Mon Sep 17 00:00:00 2001 From: martyav Date: Tue, 10 Sep 2019 12:12:28 -0400 Subject: [PATCH 097/113] fixed build warning --- .openpublishing.redirection.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 5b3aa440d2..d6a71496e2 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -893,7 +893,7 @@ { "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md", "redirect_url": "/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp", -"redirect_document_id": true +"redirect_document_id": false }, { "source_path": "windows/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md", From 8034dddbbdb62878a59412ee602d37825ba9ed3a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 10 Sep 2019 10:26:56 -0700 Subject: [PATCH 098/113] pull from public to private and fix warnings --- mdop/mbam-v25/upgrade-mbam2.5-sp1.md | 4 ++-- .../client-management/introduction-page-file.md | 14 +++++--------- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md index 18e3f0554a..491bee386a 100644 --- a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md +++ b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md @@ -2,10 +2,10 @@ title: Upgrading from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update author: TobyTu ms.author: ksharma -manager: DCSCPMCAIM365 +manager: audience: ITPro ms.topic: article -ms.prod: mbam +ms.prod: localization_priority: Normal --- diff --git a/windows/client-management/introduction-page-file.md b/windows/client-management/introduction-page-file.md index 747ac0b22a..853c4fda96 100644 --- a/windows/client-management/introduction-page-file.md +++ b/windows/client-management/introduction-page-file.md @@ -7,9 +7,8 @@ ms.topic: troubleshooting author: Deland-Han ms.localizationpriority: medium ms.author: delhan -ms.date: 8/22/2019 -ms.reviewer: -manager: dcscontentpm +ms.reviewer: greglin +manager: --- # Introduction to page files @@ -31,11 +30,8 @@ Some products or services require a page file for various reasons. For specific For example, the following Windows servers requires page files: - Windows Server domain controllers (DCs) - - DFS Replication (DFS-R) servers - - Certificate servers - - ADAM/LDS servers This is because the algorithm of the database cache for Extensible Storage Engine (ESENT, or ESE in Microsoft Exchange Server) depends on the "\Memory\Transition Pages RePurposed/sec" performance monitor counter. A page file is required to make sure that the database cache can release memory if other services or applications request memory. @@ -60,13 +56,13 @@ Page files extend how much "committed memory" (also known as "virtual memory") i The system commit memory limit is the sum of physical memory and all page files combined. It represents the maximum system-committed memory (also known as the "system commit charge") that the system can support. -![Task manager](media/task-manager.png) +![Task manager](images/task-manager.png) The system commit charge is the total committed or "promised" memory of all committed virtual memory in the system. If the system commit charge reaches the system commit limit, the system and processes might not get committed memory. This condition can cause freezing, crashing, and other malfunctions. Therefore, make sure that you set the system commit limit high enough to support the system commit charge during peak usage. -![Out of memory](media/out-of-memory.png) +![Out of memory](images/out-of-memory.png) -![Task Manager](media/task-manager-commit.png) +![Task Manager](images/task-manager-commit.png) The system committed charge and system committed limit can be measured on the **Performance** tab in Task Manager or by using the "\Memory\Committed Bytes" and "\Memory\Commit Limit" performance counters. The \Memory\% Committed Bytes In Use counter is a ratio of \Memory\Committed Bytes to \Memory\Commit Limit values. From f881bf019a8a2f525ba0616d9221d00bf55a90fc Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 10 Sep 2019 10:50:36 -0700 Subject: [PATCH 099/113] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073) --- .../resolved-issues-windows-10-1607.yml | 2 ++ ...ssues-windows-10-1809-and-windows-server-2019.yml | 2 -- .../resolved-issues-windows-10-1903.yml | 10 ++++++++++ .../release-information/status-windows-10-1507.yml | 2 -- ...tatus-windows-10-1607-and-windows-server-2016.yml | 6 ++---- .../release-information/status-windows-10-1703.yml | 2 -- .../release-information/status-windows-10-1709.yml | 2 -- .../release-information/status-windows-10-1803.yml | 2 -- ...tatus-windows-10-1809-and-windows-server-2019.yml | 2 -- .../release-information/status-windows-10-1903.yml | 6 ++---- ...atus-windows-7-and-windows-server-2008-r2-sp1.yml | 12 ++++++++++-- ...status-windows-8.1-and-windows-server-2012-r2.yml | 2 -- .../status-windows-server-2008-sp2.yml | 2 -- .../status-windows-server-2012.yml | 2 -- .../release-information/windows-message-center.yml | 1 + 15 files changed, 27 insertions(+), 28 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 6f92dbe2b1..6f568f3c14 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -70,6 +71,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
+
DetailsOriginating updateStatusHistory
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		Resolved:
September 10, 2019
10:00 AM PT

Opened:
August 01, 2019
05:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index 81e2a0f077..37df3391a5 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -55,7 +55,6 @@ sections:
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17763.404

April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4489899March 12, 2019
10:00 AM PT -
Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.

See details >N/A

Resolved
March 08, 2019
11:15 AM PT
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

See details >OS Build 17763.348

March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PT " @@ -152,7 +151,6 @@ sections: -
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: 
  • Cache size and location show zero or empty. 
  • Keyboard shortcuts may not work properly. 
  • Webpages may intermittently fail to load or render correctly. 
  • Issues with credential prompts. 
  • Issues when downloading files. 
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509

Back to top		OS Build 17763.253

January 08, 2019
KB4480116		Resolved
KB4493509		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
 
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509

Back to top		OS Build 17763.253

January 08, 2019
KB4480116		Resolved
KB4493509		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Global DNS outage affects Windows Update customers
Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider's global outage. A software update to the external provider's DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored. 
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
While this was not an issue with Microsoft's services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers. 
 
If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you. 

Back to top		N/A

Resolved
Resolved:
March 08, 2019
11:15 AM PT

Opened:
January 29, 2019
02:00 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index 56fb3d90af..348d00243a 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -59,6 +60,15 @@ sections:
" +- title: September 2019 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		August 30, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
Windows Desktop Search may not return any results and may have high CPU usage
Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4515384.

Back to top		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		Resolved:
September 10, 2019
10:00 AM PT

Opened:
September 04, 2019
02:25 PM PT
+ " + - title: August 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index 9a8ebe8053..a764bbb877 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -61,7 +61,6 @@ sections: text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

-
SummaryOriginating updateStatusLast updated
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 10240.18305

August 13, 2019
KB4512497		Resolved
KB4517276		August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
" @@ -79,7 +78,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512497, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517276. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4517276 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 10240.18305

August 13, 2019
KB4512497		Resolved
KB4517276		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503291) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index da23159b5b..208a38f5dd 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,12 +60,11 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - - @@ -84,9 +83,8 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Investigating
August 01, 2019
05:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
+ - -
DetailsOriginating updateStatusHistory
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		Resolved:
September 10, 2019
10:00 AM PT

Opened:
August 01, 2019
05:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Investigating
Last updated:
August 01, 2019
05:00 PM PT

Opened:
August 01, 2019
05:00 PM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index 804da5f5fe..626ca1a8e2 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -68,7 +68,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		August 13, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 15063.1988

August 13, 2019
KB4512507		Resolved
KB4512474		August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
" @@ -86,7 +85,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512507, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512474. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512474 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 15063.1988

August 13, 2019
KB4512507		Resolved
KB4512474		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503279) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 27e013f10f..ef4bc11351 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -63,7 +63,6 @@ sections:
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >OS Build 16299.1296

July 16, 2019
KB4507465Resolved
KB4512516August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4512494August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >OS Build 16299.1331

August 13, 2019
KB4512516Resolved
KB4512494August 16, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 16299.904

January 08, 2019
KB4480978Mitigated
April 25, 2019
02:00 PM PT " @@ -81,7 +80,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512516, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512494. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512494 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503284) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index 5b3d8b4dd9..a227eb41e0 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -69,7 +69,6 @@ sections:
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4512509August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >OS Build 17134.950

August 13, 2019
KB4512501Resolved
KB4512509August 19, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved External
August 09, 2019
07:03 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17134.829

June 11, 2019
KB4503286Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 17134.523

January 08, 2019
KB4480966Mitigated
April 25, 2019
02:00 PM PT @@ -97,7 +96,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503286) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index d85effd748..d0f9c241ed 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -67,7 +67,6 @@ sections:
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >OS Build 17763.652

July 22, 2019
KB4505658Resolved
KB4511553August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4512534August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >OS Build 17763.678

August 13, 2019
KB4511553Resolved
KB4512534August 17, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >OS Build 17763.55

October 09, 2018
KB4464330Investigating
August 01, 2019
05:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17763.557

June 11, 2019
KB4503327Mitigated
June 14, 2019
04:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >OS Build 17763.437

April 09, 2019
KB4493509Mitigated
May 03, 2019
10:59 AM PT @@ -88,7 +87,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4511553, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512534. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512534 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503327) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.55

October 09, 2018
KB4464330		Investigating
Last updated:
August 01, 2019
05:00 PM PT

Opened:
August 01, 2019
05:00 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index efe7452abd..d203f071d7 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,15 +65,14 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - - @@ -95,7 +94,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Investigating
September 04, 2019
02:25 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 16, 2019
04:28 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
August 09, 2019
07:03 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
August 01, 2019
08:44 PM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
August 01, 2019
06:27 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 16, 2019
09:04 AM PT
- +
DetailsOriginating updateStatusHistory
Windows Desktop Search may not return any results and may have high CPU usage
Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and estimate a solution will be available in mid-September.

Back to top		OS Build 18362.329

August 30, 2019
KB4512941		Investigating
Last updated:
September 04, 2019
02:25 PM PT

Opened:
September 04, 2019
02:25 PM PT
Windows Desktop Search may not return any results and may have high CPU usage
Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4515384.

Back to top		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		Resolved:
September 10, 2019
10:00 AM PT

Opened:
September 04, 2019
02:25 PM PT
" @@ -106,7 +105,6 @@ sections: -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
August 14, 2019
03:34 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
August 16, 2019
04:28 PM PT

Opened:
August 16, 2019
01:41 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index a8fa52963a..5722012e0f 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,12 +60,12 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.

See details >		August 13, 2019
KB4512506		Investigating
September 10, 2019
09:48 AM PT
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >		August 13, 2019
KB4512506		Resolved External
August 27, 2019
02:29 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Resolved
KB4512514		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512506		Resolved
KB4517297		August 16, 2019
02:00 PM PT
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.

See details >		August 13, 2019
KB4512506		Mitigated
August 17, 2019
12:59 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493472		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503292		Resolved External
August 09, 2019
07:03 PM PT
" @@ -76,6 +76,15 @@ sections:
" +- title: September 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
You may receive an error when opening or using the Toshiba Qosmio AV Center
After installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.

Affected platforms:
  • Client: Windows 7 SP1
Next steps: Microsoft is working with Toshiba to resolve this issue and will provide an update in an upcoming release.

Back to top		August 13, 2019
KB4512506		Investigating
Last updated:
September 10, 2019
09:48 AM PT

Opened:
September 10, 2019
09:48 AM PT
+ " + - title: August 2019 - items: - type: markdown @@ -84,7 +93,6 @@ sections:
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional detail and please reach out to Symantec or Norton support if you encounter any issues.

Back to topAugust 13, 2019
KB4512506Resolved External
Last updated:
August 27, 2019
02:29 PM PT

Opened:
August 13, 2019
10:05 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512506, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517297. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to topAugust 13, 2019
KB4512506Resolved
KB4517297Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
IA64 and x64 devices may fail to start after installing updates
IA64 devices (in any configuration) and x64 devices using EFI boot that were provisioned after the July 9th updates and/or skipped the recommended update (KB3133977), may fail to start with the following error:
\"File: \\Windows\\system32\\winload.efi
Status: 0xc0000428
Info: Windows cannot verify the digital signature for this file.\"

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Take Action: To resolve this issue please follow the steps outlined in the SHA-2 support FAQ article for error code 0xc0000428.

Back to topAugust 13, 2019
KB4512506Mitigated
Last updated:
August 17, 2019
12:59 PM PT

Opened:
August 13, 2019
08:34 AM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503292) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to topJune 11, 2019
KB4503292Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT " diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 3efbd362b4..362bc0e782 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -63,7 +63,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503276Resolved
KB4512478August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512488Resolved
KB4517298August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Resolved External
August 13, 2019
06:59 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >June 11, 2019
KB4503276Resolved External
August 09, 2019
07:03 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >April 25, 2019
KB4493443Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >January 08, 2019
KB4480963Mitigated
April 25, 2019
02:00 PM PT @@ -82,7 +81,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512488, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517298. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512488		Resolved
KB4517298		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503276) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503276		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index d1010bdae7..2954482f10 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -62,7 +62,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503273		Resolved
KB4512499		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512476		Resolved
KB4517301		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503273		Resolved External
August 09, 2019
07:03 PM PT
" @@ -79,7 +78,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512476, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517301. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512476		Resolved
KB4517301		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503273) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503273		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index 055acb57ff..e78082f2be 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -62,7 +62,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503285		Resolved
KB4512512		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512518		Resolved
KB4517302		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503285		Resolved External
August 09, 2019
07:03 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >		April 25, 2019
KB4493462		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480975		Mitigated
April 25, 2019
02:00 PM PT
@@ -81,7 +80,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512518, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517302. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512518		Resolved
KB4517302		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503285) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503285		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 2785208d7d..eabfaa9012 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + From dedefa870cc28a81eba91c197c955dfda80661f2 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 10 Sep 2019 11:11:51 -0700 Subject: [PATCH 100/113] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073) (#1074) --- .../resolved-issues-windows-10-1607.yml | 2 ++ ...ssues-windows-10-1809-and-windows-server-2019.yml | 2 -- .../resolved-issues-windows-10-1903.yml | 10 ++++++++++ .../release-information/status-windows-10-1507.yml | 2 -- ...tatus-windows-10-1607-and-windows-server-2016.yml | 6 ++---- .../release-information/status-windows-10-1703.yml | 2 -- .../release-information/status-windows-10-1709.yml | 2 -- .../release-information/status-windows-10-1803.yml | 2 -- ...tatus-windows-10-1809-and-windows-server-2019.yml | 2 -- .../release-information/status-windows-10-1903.yml | 6 ++---- ...atus-windows-7-and-windows-server-2008-r2-sp1.yml | 12 ++++++++++-- ...status-windows-8.1-and-windows-server-2012-r2.yml | 2 -- .../status-windows-server-2008-sp2.yml | 2 -- .../status-windows-server-2012.yml | 2 -- .../release-information/windows-message-center.yml | 1 + 15 files changed, 27 insertions(+), 28 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 6f92dbe2b1..6f568f3c14 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: "
MessageDate
September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, , follow us on Twitter @WindowsUpdate.
September 10, 2019
09:34 AM PT
Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
August 30, 2019
08:00 AM PT
Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
August 29, 2019
04:39 PM PT
Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
August 29, 2019
08:00 AM PT
+ @@ -70,6 +71,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
+
DetailsOriginating updateStatusHistory
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		Resolved:
September 10, 2019
10:00 AM PT

Opened:
August 01, 2019
05:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index 81e2a0f077..37df3391a5 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -55,7 +55,6 @@ sections:
End-user-defined characters (EUDC) may cause blue screen at startup
If you enable per font end-user-defined characters (EUDC), the system may stop working and a blue screen may appear at startup.

See details >OS Build 17763.404

April 02, 2019
KB4490481Resolved
KB4493509April 09, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >OS Build 17763.253

January 08, 2019
KB4480116Resolved
KB4493509April 09, 2019
10:00 AM PT
Error 1309 when installing/uninstalling MSI or MSP files
Users may receive \"Error 1309\" while installing or uninstalling certain types of MSI and MSP files.

See details >OS Build 17763.316

February 12, 2019
KB4487044Resolved
KB4489899March 12, 2019
10:00 AM PT -
Global DNS outage affects Windows Update customers
Windows Update customers were recently affected by a network infrastructure event caused by an external DNS service provider's global outage.

See details >N/A

Resolved
March 08, 2019
11:15 AM PT
Apps may stop working after selecting an audio output device other than the default
Users with multiple audio devices that select an audio output device different from the \"Default Audio Device\" may find certain applications stop working unexpectedly.

See details >OS Build 17763.348

March 01, 2019
KB4482887Resolved
KB4490481April 02, 2019
10:00 AM PT " @@ -152,7 +151,6 @@ sections: -
DetailsOriginating updateStatusHistory
Internet Explorer 11 authentication issue with multiple concurrent logons
After installing KB4480116, Internet Explorer 11 and other applications that use WININET.DLL may have authentication issues. This occurs when two or more people use the same user account for multiple, concurrent login sessions on the same Windows Server machine, including Remote Desktop Protocol (RDP) and Terminal Server logons. Symptoms reported by customers include, but may not be limited to: 
  • Cache size and location show zero or empty. 
  • Keyboard shortcuts may not work properly. 
  • Webpages may intermittently fail to load or render correctly. 
  • Issues with credential prompts. 
  • Issues when downloading files. 
Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: This issue was resolved in KB4493509

Back to top		OS Build 17763.253

January 08, 2019
KB4480116		Resolved
KB4493509		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
MSXML6 may cause applications to stop responding
After installing KB4480116, MSXML6 causes applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().
 
The Group Policy editor may stop responding when editing a Group Policy Object (GPO) that contains Group Policy Preferences (GPP) for Internet Explorer 10 settings. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4493509

Back to top		OS Build 17763.253

January 08, 2019
KB4480116		Resolved
KB4493509		Resolved:
April 09, 2019
10:00 AM PT

Opened:
January 08, 2019
10:00 AM PT
Global DNS outage affects Windows Update customers
Windows Update customers were affected by a network infrastructure event on January 29, 2019 (21:00 UTC), caused by an external DNS service provider's global outage. A software update to the external provider's DNS servers resulted in the distribution of corrupted DNS records that affected connectivity to the Windows Update service. The DNS records were restored by January 30, 2019 (00:10 UTC), and the majority of local Internet Service Providers (ISP) have refreshed their DNS servers and customer services have been restored. 
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
While this was not an issue with Microsoft's services, we take any service disruption for our customers seriously. We will work with partners to better understand this so we can provide higher quality service in the future even across diverse global network providers. 
 
If you are still unable to connect to Windows Update services due to this problem, please contact your local ISP or network administrator. You can also refer to our new KB4493784 for more information to determine if your network is affected, and to provide your local ISP or network administrator with additional information to assist you. 

Back to top		N/A

Resolved
Resolved:
March 08, 2019
11:15 AM PT

Opened:
January 29, 2019
02:00 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index 56fb3d90af..348d00243a 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -59,6 +60,15 @@ sections:
" +- title: September 2019 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		August 30, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
Windows Desktop Search may not return any results and may have high CPU usage
Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4515384.

Back to top		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		Resolved:
September 10, 2019
10:00 AM PT

Opened:
September 04, 2019
02:25 PM PT
+ " + - title: August 2019 - items: - type: markdown diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index 9a8ebe8053..a764bbb877 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -61,7 +61,6 @@ sections: text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

-
SummaryOriginating updateStatusLast updated
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 10240.18305

August 13, 2019
KB4512497		Resolved
KB4517276		August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
" @@ -79,7 +78,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512497, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517276. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4517276 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 10240.18305

August 13, 2019
KB4512497		Resolved
KB4517276		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503291) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index da23159b5b..208a38f5dd 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,12 +60,11 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - - @@ -84,9 +83,8 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 14393.3115

July 16, 2019
KB4507459		Resolved
KB4512517		August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		August 17, 2019
02:00 PM PT
Internet Explorer 11 and apps using the WebBrowser control may fail to render
JavaScript may fail to render as expected in Internet Explorer 11 and in apps using JavaScript or the WebBrowser control.

See details >		OS Build 14393.3085

July 09, 2019
KB4507460		Resolved
KB4512517		August 13, 2019
10:00 AM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >		OS Build 14393.3053

June 18, 2019
KB4503294		Investigating
August 01, 2019
05:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
+ - -
DetailsOriginating updateStatusHistory
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4516044.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Resolved
KB4516044		Resolved:
September 10, 2019
10:00 AM PT

Opened:
August 01, 2019
05:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512517, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512495. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512495 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 14393.3144

August 13, 2019
KB4512517		Resolved
KB4512495		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503267) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.3053

June 18, 2019
KB4503294		Investigating
Last updated:
August 01, 2019
05:00 PM PT

Opened:
August 01, 2019
05:00 PM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index 804da5f5fe..626ca1a8e2 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -68,7 +68,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 15063.1955

July 16, 2019
KB4507467		Resolved
KB4512507		August 13, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 15063.1988

August 13, 2019
KB4512507		Resolved
KB4512474		August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
" @@ -86,7 +85,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512507, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512474. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512474 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 15063.1988

August 13, 2019
KB4512507		Resolved
KB4512474		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503279) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 27e013f10f..ef4bc11351 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -63,7 +63,6 @@ sections:
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >OS Build 16299.1296

July 16, 2019
KB4507465Resolved
KB4512516August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4512494August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >OS Build 16299.1331

August 13, 2019
KB4512516Resolved
KB4512494August 16, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved External
August 09, 2019
07:03 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 16299.904

January 08, 2019
KB4480978Mitigated
April 25, 2019
02:00 PM PT " @@ -81,7 +80,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512516, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512494. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512494 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 16299.1331

August 13, 2019
KB4512516		Resolved
KB4512494		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503284) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index 5b3d8b4dd9..a227eb41e0 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -69,7 +69,6 @@ sections:
Notification issue: \"Your device is missing important security and quality fixes.\"
Some users may have incorrectly received the notification \"Your device is missing important security and quality fixes.\"

See details >N/A

Resolved
September 03, 2019
12:32 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4512509August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >OS Build 17134.950

August 13, 2019
KB4512501Resolved
KB4512509August 19, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved External
August 09, 2019
07:03 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17134.829

June 11, 2019
KB4503286Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >OS Build 17134.523

January 08, 2019
KB4480966Mitigated
April 25, 2019
02:00 PM PT @@ -97,7 +96,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17134.950

August 13, 2019
KB4512501		Resolved
KB4512509		Resolved:
August 19, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503286) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index d85effd748..d0f9c241ed 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -67,7 +67,6 @@ sections:
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >OS Build 17763.652

July 22, 2019
KB4505658Resolved
KB4511553August 13, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4512534August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >OS Build 17763.678

August 13, 2019
KB4511553Resolved
KB4512534August 17, 2019
02:00 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved External
August 09, 2019
07:03 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data.

See details >OS Build 17763.55

October 09, 2018
KB4464330Investigating
August 01, 2019
05:00 PM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >OS Build 17763.557

June 11, 2019
KB4503327Mitigated
June 14, 2019
04:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >OS Build 17763.437

April 09, 2019
KB4493509Mitigated
May 03, 2019
10:59 AM PT @@ -88,7 +87,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4511553, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512534. This ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512534 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 17763.678

August 13, 2019
KB4511553		Resolved
KB4512534		Resolved:
August 17, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503327) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
Apps and scripts using the NetQueryDisplayInformation API may fail with error
 Applications and scripts that call the NetQueryDisplayInformation API or the WinNT provider equivalent may fail to return results after the first page of data, often 50 or 100 entries. When requesting additional pages you may receive the error, “1359: an internal error occurred.”

Affected platforms:
  • Server: Windows Server 2019; Windows Server 2016
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.55

October 09, 2018
KB4464330		Investigating
Last updated:
August 01, 2019
05:00 PM PT

Opened:
August 01, 2019
05:00 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index efe7452abd..d203f071d7 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,15 +65,14 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - - @@ -95,7 +94,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		September 10, 2019
10:00 AM PT
Domain connected devices that use MIT Kerberos realms will not start up
Devices connected to a domain that is configured to use MIT Kerberos realms will not start up or may continue to restart after updating.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Issues updating when certain versions of Intel storage drivers are installed
Certain versions of Intel Rapid Storage Technology (Intel RST) drivers may cause updating to Windows 10, version 1903 to fail.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Desktop Search may not return any results and may have high CPU usage
Windows Desktop Search may not return any results and SearchUI.exe may have high CPU usage after installing KB4512941.

See details >		OS Build 18362.329

August 30, 2019
KB4512941		Investigating
September 04, 2019
02:25 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Initiating a Remote Desktop connection may result in black screen
When initiating a Remote Desktop connection to devices with some older GPU drivers, you may receive a black screen.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language was changed between updates

See details >		OS Build 18362.116

May 20, 2019
KB4505057		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4512941		August 30, 2019
10:00 AM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive an error, \"Updates Failed, There were problems installing some updates, but we'll try again later\" and \"Error 0x80073701.\"

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
August 16, 2019
04:28 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
August 09, 2019
07:03 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated External
August 01, 2019
08:44 PM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Mitigated
August 01, 2019
06:27 PM PT
The dGPU may occasionally disappear from device manager on Surface Book 2 with dGPU
Some apps or games that needs to perform graphics intensive operations may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
July 16, 2019
09:04 AM PT
- +
DetailsOriginating updateStatusHistory
Windows Desktop Search may not return any results and may have high CPU usage
Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.

Affected platforms:
  • Client: Windows 10, version 1903
Next steps: We are working on a resolution and estimate a solution will be available in mid-September.

Back to top		OS Build 18362.329

August 30, 2019
KB4512941		Investigating
Last updated:
September 04, 2019
02:25 PM PT

Opened:
September 04, 2019
02:25 PM PT
Windows Desktop Search may not return any results and may have high CPU usage
Microsoft is getting reports that a small number of users may not receive results when using Windows Desktop Search and may see high CPU usage from SearchUI.exe when searching after installing KB4512941. This issue is only encountered on devices in which searching the web from Windows Desktop Search has been disabled.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4515384.

Back to top		OS Build 18362.329

August 30, 2019
KB4512941		Resolved
KB4515384		Resolved:
September 10, 2019
10:00 AM PT

Opened:
September 04, 2019
02:25 PM PT
" @@ -106,7 +105,6 @@ sections: -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512508, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4512941. The ‘optional’ update is available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512941 and install. For instructions, see Update Windows 10.

Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS).

Back to top		OS Build 18362.295

August 13, 2019
KB4512508		Resolved
KB4512941		Resolved:
August 30, 2019
10:00 AM PT

Opened:
August 14, 2019
03:34 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Investigating
Last updated:
August 16, 2019
04:28 PM PT

Opened:
August 16, 2019
01:41 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503293) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml index a8fa52963a..5722012e0f 100644 --- a/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml @@ -60,12 +60,12 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.

See details >		August 13, 2019
KB4512506		Investigating
September 10, 2019
09:48 AM PT
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >		August 13, 2019
KB4512506		Resolved External
August 27, 2019
02:29 PM PT
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503292		Resolved
KB4512514		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512506		Resolved
KB4517297		August 16, 2019
02:00 PM PT
IA64 and x64 devices may fail to start after installing updates
After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.

See details >		August 13, 2019
KB4512506		Mitigated
August 17, 2019
12:59 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >		April 09, 2019
KB4493472		Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503292		Resolved External
August 09, 2019
07:03 PM PT
" @@ -76,6 +76,15 @@ sections:
" +- title: September 2019 +- items: + - type: markdown + text: " + + +
DetailsOriginating updateStatusHistory
You may receive an error when opening or using the Toshiba Qosmio AV Center
After installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.

Affected platforms:
  • Client: Windows 7 SP1
Next steps: Microsoft is working with Toshiba to resolve this issue and will provide an update in an upcoming release.

Back to top		August 13, 2019
KB4512506		Investigating
Last updated:
September 10, 2019
09:48 AM PT

Opened:
September 10, 2019
09:48 AM PT
+ " + - title: August 2019 - items: - type: markdown @@ -84,7 +93,6 @@ sections:
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional detail and please reach out to Symantec or Norton support if you encounter any issues.

Back to topAugust 13, 2019
KB4512506Resolved External
Last updated:
August 27, 2019
02:29 PM PT

Opened:
August 13, 2019
10:05 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512506, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517297. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to topAugust 13, 2019
KB4512506Resolved
KB4517297Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
IA64 and x64 devices may fail to start after installing updates
IA64 devices (in any configuration) and x64 devices using EFI boot that were provisioned after the July 9th updates and/or skipped the recommended update (KB3133977), may fail to start with the following error:
\"File: \\Windows\\system32\\winload.efi
Status: 0xc0000428
Info: Windows cannot verify the digital signature for this file.\"

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Take Action: To resolve this issue please follow the steps outlined in the SHA-2 support FAQ article for error code 0xc0000428.

Back to topAugust 13, 2019
KB4512506Mitigated
Last updated:
August 17, 2019
12:59 PM PT

Opened:
August 13, 2019
08:34 AM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503292) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to topJune 11, 2019
KB4503292Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT " diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index 3efbd362b4..362bc0e782 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -63,7 +63,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503276Resolved
KB4512478August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512488Resolved
KB4517298August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices with McAfee Endpoint Security Threat Prevention 10.x, Host Intrusion Prevention 8.0, or VirusScan Enterprise 8.8 may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Resolved External
August 13, 2019
06:59 PM PT -
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >June 11, 2019
KB4503276Resolved External
August 09, 2019
07:03 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >April 25, 2019
KB4493443Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >January 08, 2019
KB4480963Mitigated
April 25, 2019
02:00 PM PT @@ -82,7 +81,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512488, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517298. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512488		Resolved
KB4517298		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503276) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503276		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-server-2008-sp2.yml b/windows/release-information/status-windows-server-2008-sp2.yml index d1010bdae7..2954482f10 100644 --- a/windows/release-information/status-windows-server-2008-sp2.yml +++ b/windows/release-information/status-windows-server-2008-sp2.yml @@ -62,7 +62,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503273		Resolved
KB4512499		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512476		Resolved
KB4517301		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503273		Resolved External
August 09, 2019
07:03 PM PT
" @@ -79,7 +78,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512476, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517301. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512476		Resolved
KB4517301		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503273) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503273		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index 055acb57ff..e78082f2be 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -62,7 +62,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >		June 11, 2019
KB4503285		Resolved
KB4512512		August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and VBScript may stop responding and you may receive an error.

See details >		August 13, 2019
KB4512518		Resolved
KB4517302		August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on Windows devices that installed updates on June 11, 2019 or later.

See details >		June 11, 2019
KB4503285		Resolved External
August 09, 2019
07:03 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

See details >		April 25, 2019
KB4493462		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

See details >		January 08, 2019
KB4480975		Mitigated
April 25, 2019
02:00 PM PT
@@ -81,7 +80,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
After installing KB4512518, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\"

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4517302. The ‘optional’ update is now available on Microsoft Update Catalog and Windows Server Update Services (WSUS).

Back to top		August 13, 2019
KB4512518		Resolved
KB4517302		Resolved:
August 16, 2019
02:00 PM PT

Opened:
August 14, 2019
03:34 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503285) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to top		June 11, 2019
KB4503285		Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 2785208d7d..eabfaa9012 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + From 5d2b893b94281bcc3937e09acd2e642fe6d99d05 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 10 Sep 2019 11:42:27 -0700 Subject: [PATCH 101/113] pull from public to private and fix warnings --- mdop/mbam-v25/upgrade-mbam2.5-sp1.md | 3 ++- windows/client-management/introduction-page-file.md | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md index 491bee386a..f30ade580a 100644 --- a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md +++ b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md @@ -5,7 +5,8 @@ ms.author: ksharma manager: audience: ITPro ms.topic: article -ms.prod: +ms.prod: w10 +manager: miaposto localization_priority: Normal --- diff --git a/windows/client-management/introduction-page-file.md b/windows/client-management/introduction-page-file.md index 853c4fda96..662ae5f90e 100644 --- a/windows/client-management/introduction-page-file.md +++ b/windows/client-management/introduction-page-file.md @@ -8,7 +8,7 @@ author: Deland-Han ms.localizationpriority: medium ms.author: delhan ms.reviewer: greglin -manager: +manager: willchen --- # Introduction to page files From df6f5765184988b95770321c5cd781307db11889 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 10 Sep 2019 12:07:53 -0700 Subject: [PATCH 102/113] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417 (#1077) --- windows/release-information/windows-message-center.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index eabfaa9012..57a7a4c18d 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,7 +50,7 @@ sections: text: "
MessageDate
September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, , follow us on Twitter @WindowsUpdate.
September 10, 2019
09:34 AM PT
Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
August 30, 2019
08:00 AM PT
Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
August 29, 2019
04:39 PM PT
Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
August 29, 2019
08:00 AM PT
- + From da491c1ff8c068591cc50874b1c9e92658629907 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 10 Sep 2019 12:40:25 -0700 Subject: [PATCH 103/113] Update tvm-security-recommendation.md --- .../microsoft-defender-atp/tvm-security-recommendation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index 0c8c9f14f6..b0e38b75c6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -36,7 +36,7 @@ Each machine in the organization is scored based on three important factors: thr ## Navigate through your security recommendations -You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need, as you require it. +You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page to give you the context that you need, as you require it. There are security recommendations for application, operating system, network, accounts, and security controls. From a8680be7feb0e5cbf7a4f002d1c99f2c1c127994 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Tue, 10 Sep 2019 13:41:31 -0700 Subject: [PATCH 105/113] CAT Auto Pulish for Windows Release Messages - 20190910123725 (#1079) * Update waas-servicing-differences.md Added two clarifications regarding Windows 10 preview updates. I have consistently fielded questions about why they are 'missing' in people's enterprise environments. It almost always boils down to one of these two notes: they either weren't published to WSUS or they are looking for the word 'Preview' in the title. * Update windows/deployment/update/waas-servicing-differences.md Looks great, thanks Johan! Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update waas-servicing-differences.md Implement the MarkDown standard of using 1 space between the indent marker > and the [!Note] markers * Update windows/deployment/update/waas-servicing-differences.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update windows/deployment/update/waas-servicing-differences.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update windows/deployment/update/waas-servicing-differences.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Updated the document Updated the steps in the document related to Windows Analytics Solutions. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4392 * Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Update windows/deployment/update/windows-analytics-FAQ-troubleshooting.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update autopilot-support.md Remove redundant line (PFE was the old term for an Ecosystem PM). And added new alias for Ecosystem PMs (after discussing all this with the Ecosystem PM managers). * Terminology Correction Terminology Correction * Incorrect Command Line Arguments According to this doc https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-setup-command-line-options the correct command line argument for ignoring dismissable warnings is /Compat IgnoreWarning not /compat /ignore warning as specified here in the docs. Also, the same incorrect message is included in the setupdiag.exe, so when the report is generated, it is providing incorrect guidance. * Update mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md * Enterprise Mode schema: duplicate https usage - Resolve duplicate use of https where both http and https was intended - MarkDown code fence XML tag corrections - Replace HTML `
` codes with NewLine - Remove redundant space at the end of the version 2 file Resolves #4769 * Update: NewLine changes - Remove extraneous NewLine breaks - Remove missed HTML `
` code * Update credential-guard-manage.md * Update event-5155.md * Update windows-autopilot-requirements.md Separated the Windows Autopilot deployment service and Windows Activation items into two separate rows to make it easier to read. * Update upgrade-mbam2.5-sp1.md * finish * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Update windows/security/threat-protection/auditing/event-5155.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Update kiosk-mdm-bridge.md * Windows Update resources: add MD code block Description: The list of manual regsvr32.exe commands becomes translated in other languages, to the extent that extra words appear among the commands. This is an attempt to mitigate this behavior in the machine translation, by adding a MarkDown code block around the list of commands. Proposed changes: - Add MD code block around the long list of regsvr32.exe commands - Remove blank space characters at the end of each line (cosmetic) issue ticket reference or closure: Ref. #4800 (Spanish "translation" of commands) Ref. #3569, #3570, #3571, #3572, #3574, #3575 ( [LOC] Back-Translation "regsvr32.exe [...]" ) * MetaData update: convert ^M (2x) to NewLine - replaced Ctrl-M character with NewLine in MetaData * Update mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * comment * Clarify the registry key needed to set tags * Update microsoft-defender-atp-mac-install-with-intune.md adding troubleshooting step for common 'no license found' issue * Add page for Audit Token Right Adjusted * Windows/What's New: amend broken link in See Also The first link under "See Also", "What's New in Windows Server, version 1903" , is broken because it points to the wrong directory for the file 'whats-new-in-windows-server-1903' which resides in the new directory /get-started-19/ instead of the old directory /get-started/. This directory difference is only present in the docs.microsoft.com pages, not on Github. The links are therefore pointing directly to the docs.microsoft.com pages instead of being relative to the Github directory structure. Broken link: https://docs.microsoft.com/windows-server/get-started/whats-new-in-windows-server-1903 Operative link: https://docs.microsoft.com/windows-server/get-started-19/whats-new-in-windows-server-1903 Closes #4784 * Update TOC.md * Added multifactor unlock Added multifactor unlock feature update using Passport for work CSP. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4700 * Added policies for 1803 and 1809 (1903 not out yet) https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3912 * Fix typo * Actually fix typos * Windows Defender Antivirus: amend broken link From the issue ticket > Set-mppreference is configured with dead URL. (#4831) - The link "Use the [Set-MpPreference][]" is broken, but without the empty brackets it will work as expected. - Removing the redundant empty brackets after the next link too. Closes #4831 * Update windows/client-management/new-policies-for-windows-10.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Update windows/client-management/new-policies-for-windows-10.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Update upgrading-to-mbam-25-sp1-from-mbam-25.md * Update windows/client-management/new-policies-for-windows-10.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/client-management/new-policies-for-windows-10.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/client-management/new-policies-for-windows-10.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update windows/client-management/new-policies-for-windows-10.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * URL addition of OWA Added URL for OWA attachment protection using WIP Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3747 * Update windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Fixed text "Automated investigation" instead of "Alert" * Update waas-overview.md Corrected a typo * Update windows/deployment/update/waas-overview.md Makes sense. Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * edit * Update microsoft-recommended-block-rules.md updated typo in description. * Update windows/security/threat-protection/auditing/audit-token-right-adjusted.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * note ragarding Company Portal change https://github.com/MicrosoftDocs/windows-itpro-docs/issues/3843 info found here: https://blogs.technet.microsoft.com/cbernier/2018/03/08/windows-information-protection-adding-the-intune-company-portal-for-windows-as-an-exempt-app/ * Update microsoft-defender-atp-mac-install-with-intune.md * Microsoft Defender ATP: amend copy-paste error When using Microsoft Intune as part of the Defender ATP setup, it will become necessary to configure some controlled folder access. This bug looks like it could have been transferred from one of the other pages during editing, but I could not locate it easily enough. Anyway, the correct part of this step is to refer to -- Controlled folder access -- exactly as the page name points to. Thanks to jcampos79 for discovering this text-based bug. Closes #4854 * Updated how to disable HVCI Prior guidance to disable HVCI was outdated * Update windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * update content of upgrade mbam2.5 sp1 * Removed bullet Removed bullet as it was not making any sense. * format setting a minor format setting * Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Update windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * sample script syntax error due to ASCII codes for quotes sample script filter syntax contained ASCII codes for single quotes instead of actual quotes, causing the Get-CimInstance commands to error out. * Update how-windows-update-works.md: amend typo Simple typo correction, along with a few MarkDown codestyle corrections for MD blockquote (`>`) indenting. - typo correction: initates -> initiates - codestyle corrections: 3 MarkDown blockquote indentations amended Thanks to Jessie Gouw (jessiegouw) for reporting the typo. Closes #4866 * Moved '.' syntax description to a separate table * fixes #4760, broken table The formatting was broken because a pipe character was in the wrong place. There was also an extra row due to double spacing below the table. * Enterprise Mode schema: convert Important notes As previously discussed in this PR, I have converted the **Important** section headings by using their MarkDown equivalent > [!IMPORTANT] (as well as adding the blockquote for its text content). * Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md Per review. Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update text in windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md Per review. Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Spelled out acronym, fixed typo * pull from public to private and fix warnings * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073) * pull from public to private and fix warnings * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417 (#1077) * Cat auto publish 20190910112417 (#1081) * Merge changes from master to live (#950) * v 1.6 * removed a known issue * removed references to CB, CBB * Latest changes for publish today (#949) * Merge from master to live (#956) * safety checkin * added location for group policy object * replaced reboot w/ restart * safety commit for some initial noodlings * restructured to emphasize new policy; connected to TOC * adjusting heading levels * fixing tables * Latest change for August 20 (#955) * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190823163336 (#980) (#981) * CAT Auto Pulish for Windows Release Messages - 20190829112356 (#1007) * Update deploy-the-latest-firmware-and-drivers-for-surface-devices.md * add table * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829102107 (#1006) * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190829175859 (#1012) (#1013) * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190830100739 (#1018) (#1019) * CAT Auto Pulish for Windows Release Messages - 20190903135254 (#1033) * SIEM connector: change alert notion to Detection * update casing and redirects * remove space json file * fix json * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190903123340 (#1031) * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190906173611 (#1061) (#1062) * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910100213 (#1073) (#1074) * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20190910112417 --- ...terprise-mode-schema-version-1-guidance.md | 10 +- ...terprise-mode-schema-version-2-guidance.md | 22 +- mdop/mbam-v25/TOC.md | 1 + ...guration-manager-integration-topologies.md | 5 +- mdop/mbam-v25/upgrade-mbam2.5-sp1.md | 61 +++-- .../upgrading-to-mbam-25-sp1-from-mbam-25.md | 14 +- windows/client-management/TOC.md | 4 + .../determine-appropriate-page-file-size.md | 129 +++++++++ .../generate-kernel-or-complete-crash-dump.md | 111 ++++++++ .../images/out-of-memory.png | Bin 0 -> 41165 bytes .../images/task-manager-commit.png | Bin 0 -> 96419 bytes .../client-management/images/task-manager.png | Bin 0 -> 101967 bytes .../introduction-page-file.md | 70 +++++ ...-scripting-with-the-wmi-bridge-provider.md | 24 +- .../new-policies-for-windows-10.md | 226 +++++++++++++++ .../system-failure-recovery-options.md | 205 ++++++++++++++ .../troubleshoot-windows-startup.md | 40 ++- windows/configuration/kiosk-mdm-bridge.md | 5 +- .../update/how-windows-update-works.md | 12 +- windows/deployment/update/waas-overview.md | 2 +- .../update/waas-servicing-differences.md | 10 +- .../windows-analytics-FAQ-troubleshooting.md | 14 +- .../update/windows-update-resources.md | 258 +++++++++--------- windows/deployment/upgrade/setupdiag.md | 2 +- .../windows-autopilot/autopilot-support.md | 6 +- .../windows-autopilot-requirements.md | 7 +- .../windows-message-center.yml | 2 +- .../credential-guard-manage.md | 4 +- .../feature-multifactor-unlock.md | 1 + .../enlightened-microsoft-apps-and-wip.md | 4 + ...recommended-network-definitions-for-wip.md | 1 + ...advanced-security-audit-policy-settings.md | 2 +- .../auditing/audit-token-right-adjusted.md | 27 ++ .../threat-protection/auditing/event-5155.md | 129 +++++++-- ...tion-based-protection-of-code-integrity.md | 7 +- .../automated-investigations.md | 4 +- .../enable-controlled-folders.md | 4 +- .../microsoft-defender-atp/machine-tags.md | 3 +- .../tvm-security-recommendation.md | 6 +- ...e-encryption-types-allowed-for-kerberos.md | 5 +- ...anage-report-windows-defender-antivirus.md | 2 +- ...ft-defender-atp-mac-install-with-intune.md | 6 + .../microsoft-recommended-block-rules.md | 2 +- .../configure-wd-app-guard.md | 14 +- 44 files changed, 1200 insertions(+), 261 deletions(-) create mode 100644 windows/client-management/determine-appropriate-page-file-size.md create mode 100644 windows/client-management/generate-kernel-or-complete-crash-dump.md create mode 100644 windows/client-management/images/out-of-memory.png create mode 100644 windows/client-management/images/task-manager-commit.png create mode 100644 windows/client-management/images/task-manager.png create mode 100644 windows/client-management/introduction-page-file.md create mode 100644 windows/client-management/system-failure-recovery-options.md create mode 100644 windows/security/threat-protection/auditing/audit-token-right-adjusted.md diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md index 3e8e129b3d..292c85b771 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md @@ -30,10 +30,10 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th ## Enterprise Mode schema v.1 example The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1. -**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both https://contoso.com and https://contoso.com. +> [!IMPORTANT] +> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com. -``` xml +```xml www.cpandl.com @@ -206,7 +206,7 @@ For example, say you want all of the sites in the contoso.com domain to open usi ### What not to include in your schema We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways: -- Don’t use protocols. For example, `https://`, `https://`, or custom protocols. They break parsing. +- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing. - Don’t use wildcards. - Don’t use query strings, ampersands break parsing. @@ -217,7 +217,7 @@ You can use trailing slashes at the path-level, but not at the domain-level: **Example** -``` xml +```xml contoso.com /about/ diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md index 17e4e860cf..66a056c506 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md @@ -26,8 +26,8 @@ ms.date: 12/04/2017 Use the Enterprise Mode Site List Manager to create and update your site list for devices running Windows 7, Windows 8.1, and Windows 10, using the version 2.0 (v.2) of the Enterprise Mode schema. If you don't want to use the Enterprise Mode Site List Manager, you also have the option to update your XML schema using Notepad, or any other XML-editing app. -**Important**
-If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). +> [!IMPORTANT] +> If you're running Windows 7 or Windows 8.1 and you've been using the version 1.0 (v.1) of the schema, you can continue to do so, but you won't get the benefits that come with the updated schema. For info about the v.1 schema, see [Enterprise Mode schema v.1 guidance](enterprise-mode-schema-version-1-guidance.md). ## Enterprise Mode schema v.2 updates Because of the schema changes, you can't combine the old version (v.1) with the new version (v.2) of the schema. If you look at your XML file, you can tell which version you're using by: @@ -41,10 +41,10 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo ### Enterprise Mode v.2 schema example The following is an example of the v.2 version of the Enterprise Mode schema. -**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both https://contoso.com and https://contoso.com. +> [!IMPORTANT] +> Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com. -``` xml +```xml @@ -214,7 +214,7 @@ In this example, if https://contoso.com and https://contoso.com. +Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both http://contoso.com and https://contoso.com.

Example 

 <site url="contoso.com:8080">
@@ -284,19 +284,15 @@ With:
 
 While the old, replaced attributes aren't supported in the v.2 version of the schema, they'll continue to work in the v.1 version of the schema. If, however, you're using the v.2 version of the schema and these attributes are still there, the v.2 version schema takes precedence. We don’t recommend combining the two schemas, and instead recommend that you move to the v.2 version of the schema to take advantage of the new features.
 
-**Important**

-Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema.
+> [!IMPORTANT]
+> Saving your v.1 version of the file using the new Enterprise Mode Site List Manager (schema v.2) automatically updates the XML to the new v.2 version of the schema.
 
 ### What not to include in your schema
 We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
 
-- Don’t use protocols. For example, https://, https://, or custom protocols. They break parsing.
+- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
 - Don’t use wildcards.
 - Don’t use query strings, ampersands break parsing.
 
 ## Related topics
 - [Use the Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md)
-
-
-
-
diff --git a/mdop/mbam-v25/TOC.md b/mdop/mbam-v25/TOC.md
index a33c126e12..01a083b8b8 100644
--- a/mdop/mbam-v25/TOC.md
+++ b/mdop/mbam-v25/TOC.md
@@ -83,6 +83,7 @@
 #### [Monitoring Web Service Request Performance Counters](monitoring-web-service-request-performance-counters.md)
 ### [Using Windows PowerShell to Administer MBAM 2.5](using-windows-powershell-to-administer-mbam-25.md)
 ## [Troubleshooting MBAM 2.5](troubleshooting-mbam-25.md)
+### [Upgrade from MBAM 2.5 to MBAM 2.5 SP1](upgrade-mbam2.5-sp1.md)
 ## [Applying hotfixes on MBAM 2.5 SP1](apply-hotfix-for-mbam-25-sp1.md)
 ## [Technical Reference for MBAM 2.5](technical-reference-for-mbam-25.md)
 ### [Client Event Logs](client-event-logs.md)
diff --git a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
index e6b0faca0c..b95c5a854c 100644
--- a/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
+++ b/mdop/mbam-v25/mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md
@@ -260,8 +260,9 @@ The following table lists the installation prerequisites for the MBAM Administra
MessageDate
September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, , follow us on Twitter @WindowsUpdate.
September 10, 2019
09:34 AM PT
September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
September 10, 2019
09:34 AM PT
Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
August 30, 2019
08:00 AM PT
Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
August 29, 2019
04:39 PM PT
Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
August 29, 2019
08:00 AM PT

Windows Server Features

.NET Framework 4.5 features:

    -

  • .NET Framework 4.5

    +

  • .NET Framework 4.5 or 4.6

      +

    • Windows Server 2016 - .NET Framework 4.6 is already installed for these versions of Windows Server, but you must enable it.

    • Windows Server 2012 or Windows Server 2012 R2 - .NET Framework 4.5 is already installed for these versions of Windows Server, but you must enable it.

    • Windows Server 2008 R2 - .NET Framework 4.5 is not included with Windows Server 2008 R2, so you must download Microsoft .NET Framework 4.5 and install it separately.

      @@ -274,7 +275,7 @@ The following table lists the installation prerequisites for the MBAM Administra

    • WCF Activation

      • HTTP Activation

        • -

      • Non-HTTP Activation

        +

      • Non-HTTP Activation (Only for Windows Server 2008, 2012, and 2012 R2)

    • TCP Activation

      • diff --git a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md index 045cee4b55..f30ade580a 100644 --- a/mdop/mbam-v25/upgrade-mbam2.5-sp1.md +++ b/mdop/mbam-v25/upgrade-mbam2.5-sp1.md @@ -2,48 +2,67 @@ title: Upgrading from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update author: TobyTu ms.author: ksharma -manager: dcscontentpm +manager: audience: ITPro ms.topic: article -ms.prod: mbam +ms.prod: w10 +manager: miaposto localization_priority: Normal --- -# Upgrading from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update +# Upgrade from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update -This article provides step-by-step instructions for upgrading Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 to MBAM 2.5 SP1 along with Microsoft Desktop Optimization Pack (MDOP) July 2018 Servicing update in a stand-alone configuration. In this guide we will use a two-server configuration. One of the two servers will be a database server that's running Microsoft SQL Server 2016. This server will host the MBAM databases and reports. The additional server will be a Windows Server 2012 R2 web server and will host "Administration and Monitoring Server" and "Self-Service Portal." +This article provides step-by-step instructions to upgrade Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 to MBAM 2.5 Service Pack 1 (SP1) together with the Microsoft Desktop Optimization Pack (MDOP) July 2018 servicing update in a standalone configuration. -## Preparation steps before you upgrade MBAM 2.5 SP1 server +In this guide, we will use a two-server configuration. One server will be a database server that's running Microsoft SQL Server 2016. This server will host the MBAM databases and reports. The other server will be a Windows Server 2012 R2 web server. This server will host "Administration and Monitoring" and "Self-Service Portal." -### Know the MBAM Servers in your environment +## Prepare to upgrade MBAM 2.5 SP1 -1. SQL Server Database Engine: Server Hosting the MBAM Databases. -2. SQL Server Reporting Services: Server Hosting the MBAM Reports. -3. Internet Information Services (IIS) Web Servers: Server Hosting MBAM Web Applications and Services. -4. (Optional) Microsoft System Center Configuration Manager (SCCM) Primary Site Server: MBAM Configuration Application is run on this server to integrate MBAM Repots with SCCM which are then merged with existing SCCM reports on the SCCM’s SQL Server Reporting Services (SSRS) instance. +### Know the MBAM servers in your environment -### Identify Service Accounts, Groups, Server Name and Reports URL +1. SQL Server Database Engine: Server that hosts the MBAM databases. +2. SQL Server Reporting Services: Server that hosts the MBAM reports. +3. Internet Information Services (IIS) web servers: Server that hosts MBAM Web Applications and MBAM services. +4. (Optional) Microsoft System Center Configuration Manager primary site server: The MBAM configuration application is run on this server to integrate MBAM reports with Configuration Manager. These reports are then merged with existing Configuration Manager reports on the Configuration Manager SQL Server Reporting Services (SSRS) instance. + +### Identify service accounts, groups, server name, and reports URL + +1. Identify the MBAM application pool service account that's used by IIS web servers to read and write data to MBAM databases. +2. Identify the groups that are used during the MBAM web features configuration and the reports web service URL. +3. Identify the SQL Server name and instance name. Watch this video to learn more. -1. Identify the MBAM App Pool Svc Account used by IIS web servers to Read and Write Data to MBAM Databases. -2. Identify the Groups used during MBAM Web Features Configuration and the Reports Web Service URL. -3. Identify the SQL Server Name and Instance Name. > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ANP1] -4. Identify the SQL Server Reporting Services Account used for reading compliance data from Compliance and Audit Database. + +4. Identify the SQL Server Reporting Services Account that's used for reading compliance data from the Compliance and Audit database. Watch this video to learn more. + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALdZ] -## Upgrade the MBAM Infrastructure to the latest version available +## Upgrade the MBAM infrastructure to the latest version available + +MBAM Server infrastructure installation or upgrade is always performed in the order listed below: + +- SQL Server Database Engine: Databases +- SQL Server Reporting Services: Reports +- Web Server: Web Applications +- SCCM Server: SCCM Integrated Reports if applicable +- Clients: MBAM Agent or Client Update +- Group Policy Templates: Update the existing Group Policy with new templates and enable new settings on existing MBAM Group Policy > [!NOTE] -> We recommend that you take a full database backup of the MBAM Databases before performing upgrades. +> We recommend that you create a full database backup of the MBAM databases before you run the upgrades. ### Upgrade the MBAM SQL Server -> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALew] +Watch this video to learn how to upgrade the MBAM SQL Server: -### Upgrade MBAM Web Server + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALew] -> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALex] +### Upgrade the MBAM Web Server + +Watch this video to learn how to upgrade the MBAM Web Server: + + > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE3ALex] ## More information -For more about MBAM 2.5 SP1 known issues, please refer [Release Notes for MBAM 2.5 SP1](https://docs.microsoft.com/microsoft-desktop-optimization-pack/mbam-v25/release-notes-for-mbam-25-sp1). +For more information about known issues in MBAM 2.5 SP1, see [Release Notes for MBAM 2.5 SP1](https://docs.microsoft.com/microsoft-desktop-optimization-pack/mbam-v25/release-notes-for-mbam-25-sp1). diff --git a/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md b/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md index d71c2b2b2a..4e0f5b098c 100644 --- a/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md +++ b/mdop/mbam-v25/upgrading-to-mbam-25-sp1-from-mbam-25.md @@ -17,8 +17,8 @@ ms.date: 2/16/2018 This topic describes the process for upgrading the Microsoft BitLocker Administration and Monitoring (MBAM) Server 2.5 and the MBAM Client from 2.5 to MBAM 2.5 SP1. ### Before you begin -#### Download the July 2018 servicing release -[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=57157) +#### Download the May 2019 servicing release +[Desktop Optimization Pack](https://www.microsoft.com/download/details.aspx?id=58345) #### Verify the installation documentaion Verify you have a current documentation of your MBAM environment, including all server names, database names, service accounts and their passwords. @@ -29,7 +29,7 @@ Verify you have a current documentation of your MBAM environment, including all Note: You will not see an option to remove the Databases; this is expected. 2. Install 2.5 SP1 (Located with MDOP - Microsoft Desktop Optimization Pack 2015 from the Volume Licensing Service Center site: 3. Do not configure it at this time  -4. Install the July 2018 Rollup: https://www.microsoft.com/download/details.aspx?id=57157 +4. Install the May 2019 Rollup: https://www.microsoft.com/download/details.aspx?id=58345 5. Using the MBAM Configurator; re-add the Reports role 6. This will configure the SSRS connection using the latest MBAM code from the rollup  7. Using the MBAM Configurator; re-add the SQL Database role on the SQL Server. @@ -40,13 +40,13 @@ Verify you have a current documentation of your MBAM environment, including all 1. Using the MBAM Configurator; remove the Admin and Self Service Portals from the IIS server 2. Install MBAM 2.5 SP1 3. Do not configure it at this time   -4. Install the July 2018 Rollup on the IIS server(https://www.microsoft.com/download/details.aspx?id=57157) +4. Install the May 2019 Rollup on the IIS server(https://www.microsoft.com/download/details.aspx?id=58345) 5. Using the MBAM Configurator; re-add the Admin and Self Service Portals to the IIS server  -6. This will configure the sites using the latest MBAM code from the July 2018 Rollup +6. This will configure the sites using the latest MBAM code from the May 2019 Rollup 7. Open an elevated command prompt, Type: **IISRESET** and Hit Enter. #### Steps to upgrade the MBAM Clients/Endpoints 1. Uninstall the 2.5 Agent from client endpoints 2. Install the 2.5 SP1 Agent on the client endpoints -3. Push out the July 2018 Rollup Client update to clients running the 2.5 SP1 Agent  -4. There is no need to uninstall the existing client prior to installing the July 2018 Rollup.   +3. Push out the May 2019 Rollup Client update to clients running the 2.5 SP1 Agent  +4. There is no need to uninstall the existing client prior to installing the May 2019 Rollup.   diff --git a/windows/client-management/TOC.md b/windows/client-management/TOC.md index d3c28bfc73..05d41bdfa9 100644 --- a/windows/client-management/TOC.md +++ b/windows/client-management/TOC.md @@ -22,6 +22,10 @@ ##### [Troubleshoot port exhaustion](troubleshoot-tcpip-port-exhaust.md) ##### [Troubleshoot Remote Procedure Call (RPC) errors](troubleshoot-tcpip-rpc-errors.md) ### [Advanced troubleshooting for Windows startup](troubleshoot-windows-startup.md) +#### [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md) +#### [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md) +#### [Introduction to the page file](introduction-page-file.md) +#### [Configure system failure and recovery options in Windows](system-failure-recovery-options.md) #### [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md) #### [Advanced troubleshooting for Windows-based computer freeze](troubleshoot-windows-freeze.md) #### [Advanced troubleshooting for stop error or blue screen error](troubleshoot-stop-errors.md) diff --git a/windows/client-management/determine-appropriate-page-file-size.md b/windows/client-management/determine-appropriate-page-file-size.md new file mode 100644 index 0000000000..b6abb3661e --- /dev/null +++ b/windows/client-management/determine-appropriate-page-file-size.md @@ -0,0 +1,129 @@ +--- +title: How to determine the appropriate page file size for 64-bit versions of Windows +description: Learn how to determine the appropriate page file size for 64-bit versions of Windows. +ms.prod: w10 +ms.sitesec: library +ms.topic: troubleshooting +author: Deland-Han +ms.localizationpriority: medium +ms.author: delhan +ms.date: 8/28/2019 +ms.reviewer: +manager: dcscontentpm +--- + +# How to determine the appropriate page file size for 64-bit versions of Windows + +Page file sizing depends on the system crash dump setting requirements and the peak usage or expected peak usage of the system commit charge. Both considerations are unique to each system, even for systems that are identical. This means that page file sizing is also unique to each system and cannot be generalized. + +## Determine the appropriate page file size + +Use the following considerations for page file sizing for all versions of Windows and Windows Server. + +### Crash dump setting + +If you want a crash dump file to be created during a system crash, a page file or a dedicated dump file must exist and be large enough to back up the system crash dump setting. Otherwise, a system memory dump file is not created. + +For more information, see [Support for system crash dumps](introduction-page-file.md#support-for-system-crash-dumps) section. + +### Peak system commit charge + +The system commit charge cannot exceed the system commit limit. This limit is the sum of physical memory (RAM) and all page files combined. If no page files exist, the system commit limit is slightly less than the physical memory that is installed. Peak system-committed memory usage can vary greatly between systems. Therefore, physical memory and page file sizing also vary. + +### Quantity of infrequently accessed pages + +The purpose of a page file is to *back* (support) infrequently accessed modified pages so that they can be removed from physical memory. This provides more available space for more frequently accessed pages. The "\Memory\Modified Page List Bytes" performance counter measures, in part, the number of infrequently accessed modified pages that are destined for the hard disk. However, be aware that not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list. Therefore, consider extending or adding a page file if all the following conditions are true: + +- More available physical memory (\Memory\Available MBytes) is required. + +- The modified page list contains a significant amount of memory. + +- The existing page files are fairly full (\Paging Files(*)\% Usage). + +## Support for system crash dumps + +A system crash (also known as a “bug check” or a "Stop error") occurs when the system cannot run correctly. The dump file that is produced from this event is called a system crash dump. A page file or dedicated dump file is used to write a crash dump file (Memory.dmp) to disk. Therefore, a page file or a dedicated dump file must be large enough to support the kind of crash dump selected. Otherwise, the system cannot create the crash dump file. + +>[!Note] +>During startup, system-managed page files are sized respective to the system crash dump settings. This assumes that enough free disk space exists. + +|System crash dump setting |Minimum page file size requirement| +|-----------|-------------------| +|Small memory dump (256 KB) |1 MB| +|Kernel memory dump |Depends on kernel virtual memory usage| +|Complete memory dump |1 x RAM plus 257 MB*| +|Automatic memory dump |Depends on kernel virtual memory usage. For details, see Automatic memory dump.| + +\* 1 MB of header data and device drivers can total 256 MB of secondary crash dump data. + +The **Automatic memory dump** setting is enabled by default. This is a setting instead of a kind of crash dump. This setting automatically selects the best page file size, depending on the frequency of system crashes. + +The Automatic memory dump feature initially selects a small paging file size. It would accommodate the kernel memory most of the time. If the system crashes again within four weeks, the Automatic memory dump feature sets the page file size as either the RAM size or 32 GB, whichever is smaller. + +Kernel memory crash dumps require enough page file space or dedicated dump file space to accommodate the kernel mode side of virtual memory usage. If the system crashes again within four weeks of the previous crash, a Complete memory dump is selected at restart. This requires a page file or dedicated dump file of at least the size of physical memory (RAM) plus 1 MB for header information plus 256 MB for potential driver data to support all the potential data that is dumped from memory. Again, the system-managed page file will be increased to back this kind of crash dump. If the system is configured to have a page file or a dedicated dump file of a specific size, make sure that the size is sufficient to back the crash dump setting that is listed in the table earlier in this section together with and the peak system commit charge. + +### Dedicated dump files + +Computers that are running Microsoft Windows or Microsoft Windows Server usually must have a page file to support a system crash dump. System administrators now have the option to create a dedicated dump file instead. + +A dedicated dump file is a page file that is not used for paging. Instead, it is “dedicated” to back a system crash dump file (Memory.dmp) when a system crash occurs. Dedicated dump files can be put on any disk volume that can support a page file. We recommend that you use a dedicated dump file if you want a system crash dump but you do not want a page file. + +## System-managed page files + +By default, page files are system-managed. This means that the page files increase and decrease based on many factors, such as the amount of physical memory installed, the process of accommodating the system commit charge, and the process of accommodating a system crash dump. + +For example, when the system commit charge is more than 90 percent of the system commit limit, the page file is increased to back it. This continues to occur until the page file reaches three times the size of physical memory or 4 GB, whichever is larger. This all assumes that the logical disk that is hosting the page file is large enough to accommodate the growth. + +The following table lists the minimum and maximum page file sizes of system-managed page files in Windows 10. + +|Minimum page file size |Maximum page file size| +|---------------|------------------| +|Varies based on page file usage history, amount of RAM (RAM ÷ 8, max 32 GB) and crash dump settings. |3 × RAM or 4 GB, whichever is larger. This is then limited to the volume size ÷ 8. However, it can grow to within 1 GB of free space on the volume if required for crash dump settings.| + +## Performance counters + +Several performance counters are related to page files. This section describes the counters and what they measure. + +### \Memory\Page/sec and other hard page fault counters + +The following performance counters measure hard page faults (which include, but are not limited to, page file reads): + +- \Memory\Page/sec + +- \Memory\Page Reads/sec + +- \Memory\Page Inputs/sec + +The following performance counters measure page file writes: + +- \Memory\Page Writes/sec + +- \Memory\Page Output/sec + +Hard page faults are faults that must be resolved by retrieving the data from disk. Such data can include portions of DLLs, .exe files, memory-mapped files, and page files. These faults might or might not be related to a page file or to a low-memory condition. Hard page faults are a standard function of the operating system. They occur when the following items are read: + +- Parts of image files (.dll and .exe files) as they are used + +- Memory-mapped files + +- A page file + +High values for these counters (excessive paging) indicate disk access of generally 4 KB per page fault on x86 and x64 versions of Windows and Windows Server. This disk access might or might not be related to page file activity but may contribute to poor disk performance that can cause system-wide delays if the related disks are overwhelmed. + +Therefore, we recommend that you monitor the disk performance of the logical disks that host a page file in correlation with these counters. Be aware that a system that has a sustained 100 hard page faults per second experiences 400 KB per second disk transfers. Most 7,200 RPM disk drives can handle about 5 MB per second at an IO size of 16 KB or 800 KB per second at an IO size of 4 KB. No performance counter directly measures which logical disk the hard page faults are resolved for. + +### \Paging File(*)\% Usage + +The \Paging File(*)\% Usage performance counter measures the percentage of usage of each page file. 100 percent usage of a page file does not indicate a performance problem as long as the system commit limit is not reached by the system commit charge, and if a significant amount of memory is not waiting to be written to a page file. + +>[!Note] +>The size of the Modified Page List (\Memory\Modified Page List Bytes) is the total of modified data that is waiting to be written to disk. + +If the Modified Page List (a list of physical memory pages that are the least frequently accessed) contains lots of memory, and if the **% Usage** value of all page files is greater than 90, you can make more physical memory available for more frequently access pages by increasing or adding a page file. + +>[!Note] +>Not all the memory on the modified page list is written out to disk. Typically, several hundred megabytes of memory remains resident on the modified list. + +## Multiple page files and disk considerations + +If a system is configured to have more than one page files, the page file that responds first is the one that is used. This means that page files that are on faster disks are used more frequently. Also, whether you put a page file on a “fast” or “slow” disk is important only if the page file is frequently accessed and if the disk that is hosting the respective page file is overwhelmed. Be aware that actual page file usage depends greatly on the amount of modified memory that the system is managing. This means that files that already exist on disk (such as .txt, .doc, .dll, and .exe) are not written to a page file. Only modified data that does not already exist on disk (for example, unsaved text in Notepad) is memory that could potentially be backed by a page file. After the unsaved data is saved to disk as a file, it is backed by the disk and not by a page file. diff --git a/windows/client-management/generate-kernel-or-complete-crash-dump.md b/windows/client-management/generate-kernel-or-complete-crash-dump.md new file mode 100644 index 0000000000..894ed853fc --- /dev/null +++ b/windows/client-management/generate-kernel-or-complete-crash-dump.md @@ -0,0 +1,111 @@ +--- +title: Generate a kernel or complete crash dump +description: Learn how to generate a kernel or complete crash dump. +ms.prod: w10 +ms.sitesec: library +ms.topic: troubleshooting +author: Deland-Han +ms.localizationpriority: medium +ms.author: delhan +ms.date: 8/28/2019 +ms.reviewer: +manager: dcscontentpm +--- + +# Generate a kernel or complete crash dump + +A system crash (also known as a “bug check” or a "Stop error") occurs when Windows can't run correctly. The dump file that is produced from this event is called a system crash dump. + +A manual kernel or complete memory dump file is useful when you troubleshoot several issues because the process captures a record of system memory at the time of a crash. + +## Set up page files + +See [Support for system crash dumps](determine-appropriate-page-file-size.md#support-for-system-crash-dumps) for the page file size requirement for system crash dump. + +## Enable memory dump setting + +You must be logged on as an administrator or a member of the Administrators group to complete this procedure. If your computer is connected to a network, network policy settings may prevent you from completing this procedure. + +To enable memory dump setting, follow these steps: + +1. In **Control Panel**, select **System and Security** > **System**. + +2. Select **Advanced system settings**, and then select the **Advanced** tab. + +3. In the **Startup and Recovery** area, select **Settings**. + +4. Make sure that **Kernel memory dump** or **Complete memory dump** is selected under **Writing Debugging Information**. + +5. Restart the computer. + +>[!Note] +>You can change the dump file path by edit the **Dump file** field. In other words, you can change the path from %SystemRoot%\Memory.dmp to point to a local drive that has enough disk space, such as E:\Memory.dmp. + +### Tips to generate memory dumps + +When the computer crashes and restarts, the contents of physical RAM are written to the paging file that is located on the partition on which the operating system is installed. + +Depending on the speed of the hard disk on which Windows is installed, dumping more than 2 gigabytes (GB) of memory may take a long time. Even in a best case scenario, if the dump file is configured to reside on another local hard drive, a significant amount of data will be read and written to the hard disks. This can cause a prolonged server outage. + +>[!Note] +>Use this method to generate complete memory dump files with caution. Ideally, you should do this only when you are explicitly requested to by the Microsoft Support engineer. Any kernel or complete memory dump file debugging should be the last resort after all standard troubleshooting methods have been completely exhausted. + +## Manually generate a memory dump file + +### Use the NotMyFault tool + +If you can log on while the problem is occurring, you can use the Microsoft Sysinternals NotMyFault tool. To do this, follow these steps: + +1. Download the [NotMyFault](https://download.sysinternals.com/files/NotMyFault.zip) tool. + +2. Select **Start**, and then select **Command Prompt**. +3. At the command line, run the following command: + + ```cmd + notMyfault.exe /crash + ``` + +>[!Note] +>This operation generates a memory dump file and a D1 Stop error. + +### Use NMI + +On some computers, you cannot use keyboard to generate a crash dump file. For example, Hewlett-Packard (HP) BladeSystem servers from the Hewlett-Packard Development Company are managed through a browser-based graphical user interface (GUI). A keyboard is not attached to the HP BladeSystem server. + +In these cases, you must generate a complete crash dump file or a kernel crash dump file by using the Non-Maskable Interrupt (NMI) switch that causes an NMI on the system processor. + +To do this, follow these steps: + +> [!IMPORTANT] +> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur. + +1. In Registry Editor, locate the following registry subkey: + **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl** + +2. Right-click **CrashControl**, point to **New**, and then click **DWORD Value**. + +3. Type NMICrashDump, and then press Enter. + +4. Right-click **NMICrashDump**, and then select **Modify**. + +5. In the **Value data** box, type **1**, and then select **OK**. + +6. Restart the computer. + +7. Hardware vendors, such as HP, IBM, and Dell, may provide an Automatic System Recovery (ASR) feature. You should disable this feature during troubleshooting. For example, if the HP and Compaq ASR feature is enabled in the BIOS, disable this feature while you troubleshoot to generate a complete Memory.dmp file. For the exact steps, contact your hardware vendor. + +8. Enable the NMI switch in the BIOS or by using the Integrated Lights Out (iLO) Web interface. + + >[!Note] + >For the exact steps, see the BIOS reference manual or contact your hardware vendor. + +9. Test this method on the server by using the NMI switch to generate a dump file. You will see a STOP 0x00000080 hardware malfunction. + +### Use the keyboard + +[Forcing a System Crash from the Keyboard](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/forcing-a-system-crash-from-the-keyboard) + +### Use Debugger + +[Forcing a System Crash from the Debugger](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/forcing-a-system-crash-from-the-debugger) + diff --git a/windows/client-management/images/out-of-memory.png b/windows/client-management/images/out-of-memory.png new file mode 100644 index 0000000000000000000000000000000000000000..c377389128117592d16f84308068259fa28e8726 GIT binary patch literal 41165 zcmdS9Wl$Ym&@PI*yF&sS*|>Xf0vmUC3m)7(xNqFu-Q8V-yIZgT!JW%{?suy0&-?S7 zsae%Et9o_!>YDDE)%}Dk%6~^iB0_?IfIyX&5?6+RfNc33`Up^;GvVFC_n!pPN%^}d zMD;Yu$>#%%g@~L81Vmjd@~aW-=QH9@DJ>@m2(-cf24oUF8ZiV!uCcVZh^o8(c^0f8 z@%Ocdo38JIKfE-g(i`d6#pYO?Y-n8f;=UB8rv1-F2w1KEyk)^@BG2Yc^^E*w>4nl6 zg*P2t!|eR*{2e!wemMb6ZiRpS;RSXe(cNG70$y_<1B5B!;33tppaO(>{{NGI#Hx;Y zIjjUxBs=g3Fi;*MPpCj%rKul0vHyF*LpMp6$QZ?)HR2=ka}MLzryl(H5jAOT$bx;i z0%v$fe{x}rPp$gmWHNwdJVF>9&qdXN)NNzH!*5o|CdGK-UzAS ze-LRf?GTUqMUV?YU9P$9J+vq1E)w;&U5r#mb(crnW+B29J-H$1QLk!bN`RAzs5CUm zd4T7eOll^nWcethFN6q2cqSAgPv9t;;=o@b|IvQ-0& z`E!#595#!Cwtb<0Fx4E*B1CG<7rbTdH{-Do>c9TyA@Q#z!cZ|RW;E6v2pjkva#^GA(Ho9!RbOt|MitJ3>-CVKo)TtitD}g8YUKrxV)MbbYQq8nN;lXA?>W{h zj6lRd3M^h&EPvA;6d<8sE^&j)`jiwG;tEgfpnc}CgM)~#G2Ty2tAa2_%N4Q7UzMg> zOvmUwsj0YY2sTwC>MPjw%5?xZAv>YS-p(aY1nGfn-!}_$L-rTurR1s&TPxV?!dt{^$j_(M|UsEufWrFa^TbJ~}E$sr!jaH``{W z80Vuq`KhJf+|S$@J2t&c5D?7=w8Un0_~Uyi*!C}kKMmI8xXzm5!`?!tlvl=AwEs?7 z*8z?SP0;toQ!0@00WIKl?8l?t_l?O|+vB2|8UAV^rdH>_u}qmmB1kzxu%rGN)Ir`-pX8cJIOm)$Pp4-$YnsR=~GG>lVLV0b_N74B~N;UiZpHr!cnt}VxI|DZ}z;It1l>nPK zagO-L0zO;#2dx7LpYf@EL9E6FaKE7DZWtiJTnEly zQOJ249@Jd_1h)OFlcQ&Y4Y%5}d5C%E`&3)23ifAkb$Z9Kh&-n-t|b(2zxMnvR~VLU zDnll&;6B%`1)z4&no8Rq>HfZs4A=V792j3{(`QQ&zIqAK%itx0g4IN}rOmgV6mLVE zHp8|w&nniVxNe&QO|$wyDR{i~B~Az$wWl(KME(s6y##ztzMdN>wHA+EXY!lrQ@@S) z`)LV}4Hyz4Z)$pCE2)LrBpec(BVCXYnaV0_s?(tut@b%EL@ zIQ_4Fb8^ftF18v21pk=T)p0}qmcLe$6Sk79*mkC-6U~hHFxSS=Hr=}^E*PKTuNe@! zv#SbzGs$of+4#mBP8Rz}hXw-`Ah0j+3nb6YPQ=V=rJwJ1t~p>&mfA@=jP#i~3}fNP zgpH|?M-e_V^KV}CJg{JU)O9T3A^&kS|FImp1IGnKcsv6I<$rSie9B4g`c3fuOdV+m{Le_;f46FmEZ~57GZdKm|Cv!$ z15ayaSvYT)B%Yf!ZixEAvHriT9BPiX;jHO>r9y+WugC>QUc*vsCN9Y?NS_~)Z0zh} zP_-=U+U1;k&;|XakIZqSYI`x9=V+2oLWFwtQ75kIfkJ^p!9xKT0beH% zdIy2@NKhW;n%cTVr_=|{F_^=6%S&XgSUKGSLQ=(vYWIce_Z+AUF~1x3azxaVH6*VJ z_wF$#ujU4}cgUybm8759g3?E5eKNKlmz%OlD+)=iA4zYEKTHz;nxoLLEhTG>WkWgh z`PkapS~+_D;u93$3MLC$cshB)<;!AS62h}T{pj}9a35f|0mTW?4~Pwn6>nXJtF7V7 z&ydNB`}ZlJyMFgNeD&tDq0wkHeRbYv7pUT7{T6RY`q*SzX7oHNwzbpHJFhgh$^^IN zuk@OtMzSXbl_dVY-Vmhpj1MOt&AK@by2pXQY7^MDr^ohtbi`mGx^+KOj#rze^^HbT z!@6d;ApnkP5=%QzD=RW{P31tN^(|~%pPmw(Ei}NZN^^ze6W$5Up1D@uvjMOKpIv9p z+*nR~OyZz5$FeyRpa&$vC3K0#jP0`YEvZ-_Aisko-28o%gijO?Ic@}wc^d#yAjmqqApj^@_KT)LbQ0*86aF8Ov|(RNNqpUPB=(A6(ia;~U3 zDh9X#Ex02}O zr>D@)SGu!M5soO;9?)Sxt6ggu8u{k&f4Tbw3f6`)d;HBIBoJ{H<0|tMsj0)|;9(Su z`=mp7Qol6bRbi0AG8*CTno5PC;-mb*v_>$`%Rb;9qw`ExdSD1sa01iiS|MJI4A_(B zBJtkK*@K`XDJ|z_pWrE7Pvsp?{RmF`{i23t3S-~-%q4K@9!Oc?GqE0- zKR^Aan9JtEm+_z4xMZ2OG`|BHD(EXz4&v)2)$f$8p4s{EdwV02qQ@}IO6wrYj2t=X zs=^~^P?ik8pCL5tz{;1f7h4ugZ4NZGva;mL)Lg&`Vr!11@ zSk|Ohz11O1v23k~RDx0Kqu-UOUg~|E++hJ7K1ix?3)qP$Oc6)0-_7?GO+KLL|ELS| zniQDmWr?8{ddw6jF^=LUl!x(h7MSk*Vy!`Vt#`lz)I=j?dw6jZ3i8+1B27MRQKvW zG}CwJF)nV^LTN6@FusI8gE@eI$AxGX+WLqI&xq zX((%wQ(}4hVpQ~K4mZp`J&4Ps_I55QG8oA@e{y(_0NB7N%c+IrJ~LNjm~ba;$r1Iq z5rhbBJ-w`~Ty@n4J55Yayr}1ZI>?b#DdwZgPFNzPm1Cko3Vb}g0A{V2qWB*f=!7d4 zDm0K)KpwVr>aYdC67La%IDA0JNe&4$#ZshhQH<_7chK7X_VsL+bWoL&1fUXdAIl9Wu zT0jvYc;OH5*lnwOlc}_SjR%kM^bVV@ez&V>ezYFTKUIyPFu`Z6l#QCt?J}uW4Phek06B4m)L&HF%trmPD0uUht+}3PY;)kJT;Hs-*SH0y5vz zMs{Hy?jZQt2_$iQGkul<7&+`5A%+C0N0Xmt5{+nR=yqY<|0}{!JkR*E|E*mQOI9C_ z8ZCnK_!N-~obJ2V>@j1f7w>k76C47d_3Wf? z)@u7;^XsCzFW_`3++GjlZIBDJ`w_#|Go!J7Xxp@9^{1efLA$^1_US1Y>mzl4_>jml zfmj2EJDAS8Suu94Y(@#B1<6b!N;*8k=Sq1AXeeeu`2jNsmw^=-b?yk`!vg4|d%5^^ z-c54LXFm=Z6q88Yrp~JsB>I!R zun@-cEf(kkpnUpuJ|>bvqRWBl9y_2u?jLS$d2Z<@>@c|<+-qit(6wxH^X2bcTcv|l|=Y|G`QjlS+NY<#n;vu2EV^}icA z8_}NPEFF#OM**h<3gxC4)rO|NKixCKEaMZR++(?e^Z*iO{U6ggb-%lMLfMc(aMU~? zB3s!q=duh~GSpI8FRjoHyFvaX=+b#e)j5szhn$iiG)-3+b-9?RsOF|7X?>LUXPZ%U zPc>>S)i|>sKUTImb~`=OG_QHSVpR-4dWIuWFQS=69-|hQxFt8c-X{<>S$_dRZTFc zEKc!Qt|MmC{7^J@i42$6a`=0HJ;Z6H_QYA1pRpwveTFJk5{oZ^H-S(r^QRhZibcC# zX5p4CR;MMX^R0lrFkM|`;+2w!(JWWAA`AqQe(H3fxs$y5p|VXCEEDb&|u#?XKVQagtuY#t-(S*cr_CKl-& zDRDK{dR|?ot5_d*rX4~XFDhRf*~%qx-xs4Mf=Ig`{dYh!y?lidIC|Au3@+viEncZ< zxzBk_0c1@@Q#R| zLL$k0fi6O_$8I^c{i#<6Ufpz_16h(r3OliJl~|(FOabEC`(FQ7cghfcz^h(qe@hgS z!0p&-k;58K2M9{2Ymo71C3?XtK+~|RR0%enCTpHPNsb&I5keSXAO6@ynM{u-h*sI+ z*SNh+xBuGIDE3V(Hz?OKn@d3zpixX<+kd;JXZ;tQ$gTiB{zQJMd-_NBec`tuNT1km z87H9TO6+0%Y z+_iePY}hJbh+IfG?l(3_s`Kuc6iQ8b%4*38-~E*kgO)6+6H5tyO`KZ*Bv%#3S^zSf z;1I9UN`REMS5UY55o*JdH}ET)FaUNapyRmh@5(cD(Mjvzv6~NHY*MR+;H7?}gehRcl_0-P2gib_Q4JW=dp(s_3W&|vMMH8P?7K?|OL+#u#JQ6*u6|FhEa?=&is#%*(cz1m2W&3v;$P zX5qm5e9sw&t=Y4SY$Mdy94-ZUKzyt%h#)CvKI0?gB3?Z9N6lv$kzX{E+eH1}q=Liv zmQj@1w|E7IxFs*=BpA|SzAE?2Jf49)x|uRXVd*I8{0{x%U!G0)t{x7?D|+m^&2|B$ z_MvY7Xx9QDd+~_pkhfOxJ(XLO$2+E1$a!Ub=pXH2Z#0`cnryVmAR6h*!9v38xCQd6qI&JHca>o<|h4SwdkXR+}<8B1jEAz%j4rnK_TdPd2iKQv5TZ8u$n15ysC&F}e8E>MXnRm;D#E+fbq^KYVk0+g&SD zrimOrbjldJOvpIJO|AO*T|YJj+6a)O{MnRricHl!`(TAy#SOBFP@84jDw4fMD&|?; z+)aG1e4ERt-1{nbPJdk%Z8X};kZ(1CcyD~WRAPw} z-#?zX;V>>4Jft0>Q0}9!9_$M387z*9cy6$+u&&s=>os{(r+O=9uUMRX1p*oqS}y>| zCCu~1N5t4jYN*JML6S4g)M^Xb?RY^u=X-0$ZVjEfbKGw8D>qy7B8d{Ts9KCLz%tVm zFZ$&1O0<3k$ei7rr@5qZo_-SAD^^vup~*j`q)d59oD~S?PMw91h-!(G_m$`K}$&1rvD@v*%lVlx0s}5zrP7|^pg!HH?0OsQZO|gj714J3Ai%S2DSf$&Y5&r{Sd_c;gFQ+KTk6xwP|1*n;_iQLk>ygygaE%%T`laA4Z3+$dhp>li}YAVF18Z=71e@8{4eCfq#_K zD@D^}c5+WrEeH7da$3yB+UiRPHLuPLo~88Rx@HPC6GEdMmGCgLwwn^n+g6_UKpxi+;Rue*;`nF;;N1=Jd;#<%0+|KkiU-qdK|)WX<6Vp zF%cxf<0kn3VPmOl=M%4v8Q=Qnw8E`yS+dyBs^-LnR<>ielU5&LQlAGFu-l}|vRTw2 zMQfRg12Z<2e%9`Knd(J{gvpU^MkI9k@b=s z9$Bftw8%XUlrIt&qISJT6b-5X4#KpXZq6xm3&^>djA!j$CMDh6rp{hl2<==LrSS5p9?H215e^|a&k5J?pH*raAZy&vd~># zaP$)?juG`FwiK2NSZTdPWBBznpN5!D>Uf8LUrk3LajOJI%UJk#aICGEnd3CUBYSLLg*bv>PLR}Wcb}; zkGFBMUv|JrF3RQlCMR6N+_Dfc{>N$6uwwRQtN7EQ$`Nh7{3clvT3QrFIzQK#!--M}GHVS#I))sn>@U$4{Zl8@3b%kfv+KLm2aOjZ(NT z5Bd868y{7tC()IA4G)-K9J92Gxv$@`h=CqkZ5EOK)hNNMg)+3bTATu!fRymopCf^8 z_8Nmz)wW7w0Ptbgu~#$WE-sFt#RqSq#WKsZokcD!=9>T-5HT}yJZijRWI#W~Rw66# zFkXqGwT5K%7C?q3&?3-;T?}K?NgOTJuGb4oj(WiN)MGAAST|QNYl)bmx8UQaJi|RYT8Uz zmKiT5kcV1|V~fq6mPMVB z$yr0^H6=-~q8beg-^k03>u5^B36TkAWrwA>0gybc1x>qsN3G}4%l9>p-~y8@y5JA~ zOj~vKtpPhKda>|ntvO|nqb3x^BjiFbyIvHTk0j#y2-n#Nv>KN5z%$PGyKwIa=t_74 z-Mpgo>mX%pzNB~I=11_niEW#i5Gg`8K6leUC45>7m&Or&dhAra1qga92+wN{+r$}l zpBwpd5LI_N&z!RE^}xIEztr$_gY}Z;JTUo5)AO>8d~H?q?%!xO*v5*lFPMxS1^|&* zIrIshv8-HeSsEJ@o@9J=y1x;kbdFnk9)hZ}YMcZP8RqkR#aw@js09woL45E@x_>Xj z|4nat6$#Y(VU`MnWm4badr$@7zu0R?o9>SuEC_3K9dwZp{*HknqW2B@OL?)lXy#av zFUygmWFm}Dj|#zo5!XNeC!x|R`QK#Ph+HZVad`T2RVjoV<7}~S(utfx&O*AN!0dWa%1X|88ux`Sivx&(fPqfdQ4JDE zk#8Ddj`GWfP0}Skt(}qQtIGztKW3{}gB~?*w!Yp*#}SAE1#0hB(8rLWVj>sd)XOE#mUZbT^Fo2tM8pk=t(oIM z%K2nhb*MM)wV=Qtf8U53#-Q`xz=IZ6g#y#iq>XM|KdA~}rH|bYpSR3zN%FEjwVh%9 zmJ1+!mIucA8N=C4kb9EYER~9)Kk798i@B2}j!f`F&;|T2hGO%|$iU7NjU$U>Vo zBsS_`in4l0JK{w>*~`$xInwZKXYQH$(QVU%(kdf*Z64VEW_aWNjPXky7Jjh#KTF&# zR5F5W3FlMaB$y;idRuld%9C&*FB&_1BO(hgSEez3gF)3Ko0qA#XTaRL*-ydaTsz9E zpM5STGB?(#XoSJFEq11kiemsE9Sx7$N0Dk)JLeuw&^K=V1U<@Le1u_8Yzg>4!W5Re z$fz+OtP`$R2G(8w_3N019v_?JOk)NEBhwTverCdW5(0pQ#wZ?_X2#xLrqIBN+8Hth zCb6ga7o9a1m;9SlOH+1dvz|&Skj{bq>QLvz9QVctdsK`X`zroOiJWc;PEA3M>62P41zI?p}-=+MNP?Wp~Svg!c^Y~x8GPiAIHbDwL(Ztd;WgHR}L zDViUk{f8SIGFd&;1~An+AA1B34B~uj_;k`eN282$?5QdRGhmV=!ZK{8@r5(>FO~=PIeR}_zl#M|HWsH08Kxz{yas0 zTnX`b%?GjhDPi2GkfhOE)1lRdh`bugyO+f)A=TIp4d+M18&suhnJGRYn7c-T0vQ_E z8%T#xk37@9avj$DMpM*Ei5=U*{coj?-)XV8q!4nv{qF0W+r3Tzo3E^h3qhf0e zcAY3D>lF1gZ;5S<7aW0h_oR%vr5Xd0`We3RL$YRSP^5bc$QbK0Y%Xgu5RNeA1|;8IniS@iUh{$f`Ygbd56|Z+<4J znx+WM&fdT{#8`?;*Rc#qU+>HaCunS<@91HduDRJilGSUklTR{>t;Q`uXqJ&;8Uy@^ zTg5f(fwd&T);$XRdW;WJFFM6c9pqX{?2F6?2Vq7HV~0^bdiq ze;DgDR9f~8AMnL$GqIE&)5M!l2PG z34Hk1{~*=mKxMHs+TuA|axmu#)@&?rkxn6_75$oBd;cp|hMLs5H)pq}WN$qN`n|uI z1E1)X6(6D=8fIQWA|Ax0iUq+CuB%>clO1~0Zl_!s&%G)%-H!D9%otlS!#)mS5wF*0 zM5z_OTFQ|BnOhew@D>f@c_;O+aa;}^n0HRN7bdvUvut`8z0nC1UIO3$d(uvUCK8X+4!OBP7oN%R;gWA8G#*{8)p zs%9SJ&JeU0W;~OaQ&}WSTB^r{VUUY~AZ^Rv%;x4mCL^Nth+=~P;mwU5)&FpyBUxV> zYgwfsf(e3KpnwbmVL6a}lM9iia@M&xh2dqY?Bnh1utJdwgxJC`D>EZb>fB#CR_5-Q zz1^{KQNL4z7ijOYfxc>$HC_{`sOuLl_PYA_FWOL7LJKbG`*n?M?A?;{HSb-XS4Qt> zF?H7gkrQOXNaYekbwgQwnnDF@RVe3eT5+^_t69XESztpi6x}{D>Oa`=c)^{%{1ga? z7w5YT8@DzB5TQ|nc5m#ziPJFib#AD{c7Y0!mGUM#bC(y2{gW$VHLTPZfdakEff24u z)$0@Qh@0~|9+0pqcpW$AmsyUgAE@%K2sh#s*WdvVZ?Iy)r;?$XSCu%7%g%aD@g+n! zo1#bVzk~T4p$j~(x6ObSU|DGBDVg8-N-Xrp#{s_XP9J`kl^Ywr9Kt!~q5*~Z@VK)7l zo`{><&r_9oV!Cy5(W!dT-n!xEeXLzj8Ao@zaIEruh!Pos8Th{iSva6Xu@&qk*?#^= z^ZV)nW3BNTHu7Qf3eLeg-X2fRL_y2XZcAd9R}ox1i=bxi#Z84Ggy z>g$^7@-ATpsj-Q>r(v!Ajlb?OU*1A28<$MuKPw$m$=6?lgD4SWLY2p&6&ynLa!w6~ z{zI32KXg!YEKZm$c<7C_Z6-x8081eX_GY~zLzncY+8OCV{nxvP{FFi$AN5R5{#ZBF zyq~9vMM9jjha!-s;P78xKKx1(818LTa4++p`D9la^JMNe-VyVFsnjzgJ%mpQ?>|0a zWbgxo(Ib8*CK)3_Vf@Fa`~;}*x%`Nq;z`NW0H3GWK^||LhQ9>X>$3(eCWU5Ruh8h9 z{+xP^{YN)F-amJ6ySGBJf&ZU9RI#OCV)Av4_iKaZRnLu%29w{_q%H2vBSMdcJ`p!l zCZEdFwDJxW2l3zXF9SaJ*~9#~gdRJJOJw?g+30!)C&(otbZ*;7m#B;^1v}2m8K=iGlD78odh4 zo)u-MC)sDPr0rH|gyD8cN0$3~Pa2iqLs5Mu){*cjTh+~=+-p2La<@{f{uqR_zBbK( ztD`;O#QI8kdtPz;M*q_uobW1T4&gwyaK9cm@A1&wWTff@Culeo{VWS5oT$osnLU^6#Z(=N;xRK z!zSN^$EjUmj^v3waNVnAEG)1j2o-9+pmo?jt9c8d%;!Hg>4Z6j90o`BB;biq((w{aVq&tyEM_W5aAa96n8`P8iCm4cCQdG*Z1S%IfC28v~O;23=YxSmv_wmlFu|R@Woso z>4-2;Pwf9@fKQVH#bE2GZZ6WpM*8-D=?SU>^H0JXGb)&_ZM*8{Aw5b?6@rzZ9XWPk?5&lD_z7OUYzGV>^kd)hf2a zJWD*SzlBSh6d^96NDY-8F1@xpWY>#HqLWF{JYCw(LTCMCylhSd(JzwbU2eAh3XjOn z*wPWwcMdw>Rr=|s{NQwM{QO{}cSbhC39H5MSO*-u5ntIvdSEgV&MT|qm#RO5zTCg1 zT(LOTb7_AmMiD0j&zukXHW^0zWZjG4%$FrusEWUMmWr>dSSd$tCR>GGn}UxQTK6k( zGNJ6k9t$3Kh`F(-{YRVyWOx`1SrT;^J;~^gSD+q%-Fdr#+s)q_Ga~RdpT0 zDTkW2yhB0^kf2k;>KT^y2}XS#bH`KzkG=5+cn6l_+(l~f2b2zGo~ujHptLX3Ft%$i zSMKCXSU=PHSV8O)ubLmkitWiDT8a#PZ6DeTa6gt2rSOy2CrRr3aD%d4S9|Z$4p!fN zz9b}~vG|3Xv$ewQ%No91P3e+&A`o-is%1*HA&>+lo;Ua>`fmIEGx9Jxd4L`tmnj?f z!FyMOdq>K5Yp1Ua>)c@lHzxBFH^*a5Noi%ln9VBtP8Bjg!-=7u8m{+B|3g~|pyq-^ zKXVq%|1Crx=JVy!qsH|rOi^9L_@k-hzk8J49+5i^sg6+}4LDV`*Gg6UX+$4f-y87) zTbejs&QQ{7HNJPiMvru@19_i@`6JNK$`~tUU4Uhr?_Xyf$5gKcoCjZO>)`OgB8C@8 zj3F>`Ei@Ewc(f`>t2%s&nuu_ROd}*ewq&+B&Cu7;G?Ng7x;dyzCKw>*Ga7o#)>7YK_O}gl zQeBz2Tw#$j_CggQ!{>8<+;q5Dat!?L0ioeO4O|&qr^ zv~(3!7h|c1Aq*3lAST!ppBe6E-Di-`u*+(=lt%B3Ku!OR3{qG|$^(5<@^8C`CBCty zFB@L`(x*0TC~B$ahKnZn<}E^YeiiR`B2+J*BtfOVz^4ev;Z*-)EpSP6B2`g>4!I3h zGNHGs^-gKe0jcC@EFoPQrI&SCE2>tJbif=-b9?&=Q;8SQbN5vXr- z@F8hIQysI2Eo=6NfM-V>V7SKmqVP}%cByrnLNN(%76m!Rb<_Vsv337-$k9bi$Wb_j zP<1lvJ5DC7T7q##)o3RELf2NJa;!3u6fX@P)xW?9>N={&jve+^0hD@iU^7~6oP+jft571oG&CJZg zGB;*Ycxk$UKKaTlHGJfo-O11w$_qM28LL*d-***K@-EARnfmHqsddyG+bb9cB!WXj z@uepUj!05ACp6Q^ED;q+sDfv)=-HG}XJFppzc_^KHK zJ+|J*-5VAUzk=HF578*V>iDmLoJkRB4Lu4+k{A<|{A#G$-dI%L`;lx-Mtk^EUGo}f zkD{wSz<$$Pp*T96jW+5}a$~X45{651nNEYC;Lz5ofWUG*mOD;W5E!!rz0;TfnnXYV zhjVI*vqoP{L%rKBLsL0MJ_wrhJk0qv%vIX9gpINpBJ;a8xNBu9gZqwjyd^V-w11)f z--cLu?*OHJHRg76GoRu)6){PUL7=DAEvKYLREArknDW`m^(Qc7NK0OoK$?-J3U3*L zAwCW1m0zS3 zj7&&0@6iF}k7|)gla5{8uS)!E?*LM$gO>L2`*MM^B@}aPsVF4 z!aJjT7(gur>!kH*47R4yMZl+&(A^-egyJkj%guN?so*e2ZZ4`Tv$M{|&n9AbGGT$Y zSiiNeXdjrDzXm1pXR|iLu(jZ}WzhLCpM;deGA4&cY~#I$%k=gREHD(<{jfq}%&F_o zRasZ5B)LseRpm&#xuC9V!kJq@sAHqjyx^ zP}U=a?1BYJcy2ws0OOpTfE)uNyM920E*o80zg+FO$#muNb7{s_2hCSAW8*@L{C+2m z$^I|(h}?o~tOP|(e~7y?kRDK~n(n`e6%0sahRu$A^SPMMpQSn)upv@ zq~z|{+VMK^Tkxx}t6*E&ZCSG|-`>0sRM4Xsi{*ADfYSrp!x3Bgm9*Z%=FZ>ms|7~9 zn0@*gP0B5QSQar9Qn>HV=&6|K=pf4=W1AV3Wpw5k#4-_PW*edGBKvro+3VwT%`S4Y z&SE4csH(G#m6IE2X)>Z>v@$vGM8pL&l!eE}Uaaz~_r(B4>0N9+vT^!rZ1&9K<#oBq zT>UBH(-XRMITH^K7iFg=_fNmWrCwGC|AW*`4@Wj8twmAEFR5VL?c1}ct94ZuR^gp z5-l8ZwG~ut>|@J1(pu_^gDWe82ibuEZdT4t>%vL++l-i;sJ1@`?7kpMhz}#FWGf|G zSaz*0eT&&C3`|TsfVJx|p6fqww9UU4%wwL`<^0LQ!pa%nIXYBA`$I|8l%a<0*{V}D z>QXu!l#!ZFxW+5vc)%qq6zZyB1 z8C9^eCiGFAWLD8=(2x+uq@VD?N*D#<-Z)|@LT$G((}_>BdnRHd-9HIxITWkVYGtU@$OUm~N=iyb^l&ybdcSu}=s(}T(CCozT-_c*b+qU8uZYR*eLDpU?i(4arDed9J~fs> zdW$n!RS(P`I6_p(4dZX$(pD^o1(Fmosjiw#B)!<%>PE%HZW|^fU93%6_|j|`?>OW5 z#w@lPLD~D2U?Jr2HLnGmhOe$c;(?zX%zt|`HnH=MIM_KHSxMdn({iwyD!~Oe$k~ zsL0n?rOdO*M>NbwU&SbkyCNpF0A@|Fq{hv*U$qJJ2in4X%S=x+w)!HB*_7jq?Y!S; zA{h)FC&S*^wrQ)#i|UVmN#}x**0^myn{XcieWg)}Y76Z~O=KG^<0qVaieto*!-yV~ z6l9sYbS(lu4v+9Qo@ao(>goFw?UyyoJ#}6WI$o(HyFzvbEFFo5Klftt?40je9HqHd zRO?%sCk@j6ROB$NC*yHEM9WW3+OcYLC7nxOgO?I^9_Zi%(>>5qD)9{+^|<{!;mGqD z_jhnq)%7%RYDV`{4uQ0L=Ol^RsyLPtPU{^mfsI>!g!JrD--MzQtlEnS4dcS*cBcOx znC{I&sIsYB|AuwiMmh@fFa=|k+}*=E|R^qiOSAu0fki!<~3YYwwCZ)*F&%IZpW?axF|SQ zSba9;oECb5-aAtXD`KQf*GXt*t)Fm@y&m^Qo-|3<>LC^ZAkaxf#}H*RtUlu+=ELMU zM?R88sCgOd^VfIFr%j!=ZTLE#&ZwK@x05$wtAMzX>(> z1#nu#l=hYtIO#(C^&Gg?-oJ%-k;SrX{>m=!bnY8?ZEZ9mch%U(bXV!ENN#D;!3*K= zWzGD2psURIdtn<5<~dUdC(R;blx^bZz7O&^A|mBn4v6soF?CtQuJJ<6Q*j_iS>Rsm zQ-AXlxQcxVbiFw9dw+0gEQcUN_4rVAEW4|U71~ioM`P+oRT(Ksp7HJb)m_ggQaB8B zApLOtlilLl{k{uNzFBK2s-`Tq5B6n=uM6YJc9G^IBEr85@+`*l^j0m@%^WyQD@UkA zotF6)rzX%mb9W*0oq_F{F91=X28ak0myLT<`u(b;HWzn>-Gm`f=M*=F;9}~TDGyJ1 zVW1*?I=44Dh*8}(d-FUbmg7+2A=%u3#p;2O#Gs#@b{U}*@8-bT5UVh=?^Z@`iK5ty z=)!dq=GHTPrX|S7-8BpCYybIIri$_jEJF0>6KwMLngb$gex*)p<<|s0{xN!Uw_C?G zcayC}CHI4T2KqSU51b8i%JDbln%b1JUovU^-YX92Tk;m-kL2&AAT)`TDO8oQhgTu| z_}cja`0}#Rxb%-x9Kaa+no}!d=L79&AVwL49XU}!tU&l$8+Mbx;)q&*g--tuPsnI< zNhHnSWk6L~FY!04<#1sEu|Tj(H4Ll`vV6eJ^6JoN|GoT`jx10umx?FDjYStV6ko%3h48^6NL1 z)BI+zk2xS0*h^+>jvCGJ&Ihh`@NmLPZfuCYO5UrTKY5X>14b^$9WsCh^C;wcY2rtK zRW+<1%Fd}BnCLypQ(5!vmU?mpxj@RqX`A2Ho`}%{(8SfZYeWSNrHI?xF|q_qRgBmT zs(#&7RwkGPD)^OeM=k2ot(a@#a?L^2E3B#j!bm}fS$#>}*WqSvSUn&M=?-;DU)cJ; z>5rG4YA5Lv=1YN8dxs_t&aMGw3pzKA3S)Ca^XNMFkFa&g_e|ZLnYCj_x8$_aykCJP z(9oDVQ8~NO87Vnops$p6Mt#`Ie8B~g^s?&~CINH$c)2#Yl+0xOd@Y^6u8nQXA~#*+ zQ-S4(l=F;9BIcso8$Wk;WbUV!WJ~%n9|mgG0EFx6_8hl~jb;mM6?F6SQLDS#8oaJO~)WmD_dU~}0S{2-D!;W(g;yjgGr9XgL1S?5*GlY>*-<8Mq-Ix#}iM2CW zH0)s{Ud0>{DWis-c8B?bg185hBvfT(8JZTF#P2`u!pMvhP4oz}k4C!NDr@UJv2njT z9S(j1zd4}`9qqo54Q0vD^Y&DO1@->I=1mf_DfIv-}G zy04P2!XSonaSn!Yw<{~){(+^g>0johnUuNO>{(ElXKHexzBr+&Wp1M(J&e*VFbqn6 zIM36Oq$8!AWF0RSG3E;Czg2^yW9*y2Y-|V*4~VbZYg%_heQPM!A?m0nWhU*Ss;Vxs zwk@S#@O*%h0T4FW4((Dy(J;MwZx-d+C$@d%;1ywzQfVJ`Q`1&POU()o@9L2DL^pHv zxyCmu7aY^lN_{}8sn_95n$}$-1lVeIDa|UgEw?cK)h}RXDMp~9o{s1&8I+5P5(z+B zj{Ujq{S_EqxwWzuwk0r9V)X+df{PVVN`}F@gNJDn;d{H-Wkxfz=>;5J zA~*jIWvRnThbP4$tf8Slk?upI7$&B?x-^vG(jKu9-K4cj)`~5qJkJ!+wt#4O0aG6h zFJiuL0_u#*!pjg@8b)@$I|`Xo`y$OrXFeu?N0+L;@b!;nl%%~J?~yOM6dI4(oF%+6UXKCIfsGzp zW^Fv594(CEs31`vo9e>m>x*;S$H*UWAPbFr#`P+%?b6(m5v@dfEE5KtD|Zr}!9Zj~ z^`y_>4|sHUSKV~#s0|aXx`Y`&8T?w$#>=gb$zX+(u-R6|hA^2W+#bL?fO2Go-Te&@ z2D&!`0+q`@w^;~bI$-BWo`O2W=!+WasC@4FaJX%wh-sbck6gg~S+bHby$iehJWE}0 zgpJW^J+_qgZ^i)vC^Z@;+bivVTFq!M z&|~9nabw|Lk6nA}1x2+Lf@3E-BHNZj$C9&z!9*EwV}^164|!i16-T#r8Jr*?Sa1o@ zxNC3?8r*^hhv4pR!QI`xad&rjXxtkM?lAq%z4x2-&97N&{>)m_e|l9{S5?>PQ|CPU zdG_8%`s&pwbpQ&pemaiJaPuP;p2kf5dKhP8(O39TSS}an+ublsufkL1KV!qoCS!7> z#KfpBAt{9Rz_W>yoZHxHpqDl8bq$bBP{wM6wVejFLPJDHX>M_-mooJOeM}4HFa@7a zU`+%rHX=M6UWgy5f&F@EZsQgi-x4hByn*4Fab+*e^69mmTaU^WHyq-J=XQ#{Mb$znReivol4p<|C9$`bU=kIgx)17$4 zb8CXR%8$O~16z`R9q`kL`7buq<-mZ>_z2PP^}s0j%GScaJUi1vQd;&fptJFDT_c02 zZyq-7n}*v^vOz49&etxek~m1!t@q=9dke*Z6m=KPM6JF9mz?6kAtB2yQiA5)LBSqj zL{+~BRpV*28gGS3V-B-$){-f15*{}^jw8Ip^$szytFQ;h*-JTQ_^R=FSq0E~MPD1f zV)$@dW`h<49wnG;L`Y+(kW@y742=K$B!V@X;VEo041*|Uq22u4>{R09ikT*4Bcqk3 zH@QVJGtza>P1Q#h7F1(?{bB8w7Al-z`0C*!JopHK?acVHsTn#D%^yr?@?r5zzi5K~ z>fQ_f^-@93adNTknK`iO?W#^+K}vtKe;(_js#M#R0no})qU|c6_Yimo#2v$iv zBBJy(EqL>8Kv8i~56uU+KaI`J^|iIN%xpDwb(om(*92WCR>n};5J{>+a8XK&Ns+0# znp$#lvTzMMt(9d04`)KEc$49d!!xvv6;zCj*76IDXh)Mlux)61!ZP~a(#_fWGw_FkL?3A;%X-il zvp8ng^&~b_NB>}CXGd^3$_$Rzbz;}+txZ+O-4n4j`Fb;Sl632e6tecK-9?tX51-vc z$TV*+Xq--r)0a|oT@&zTpDVIxDIptudE)0HA+*`w^F zq}DwzbQ*l6p<^|bcPbrCF0z_>-tSIZ^3DkwF2|;aSD-YPqR!o(=a{;7ov)L4X{`-0 z)xYtuucrTgS&?N>%yPiFxEc{ph`7PQ^K?6Zb`iRBLHkQw3xt*)`o&(nl7fFJ&HbHQ z=Y6LS?f!gQ(f(4tw4!nU?KJ;hXfzv6w$foJrnr?g!Q46W-ES6ZtGJb!L=F?iox{z&Ldag(uh_h{T6oakvtG(|+s zKJ(VT5Lrtexfc25VRSI?f%qq8d6&Rv=d|fZyrc~b)YO&)nwdKN$*pTYrGBSAnidol z6|SEAd;%b_*Su(rx$?CUekm~CTi)g~ymf1Y$nhOJ=R zog=83Px6#kg@F>5T1!Ysn7<+AccO7~I~(qu3EFR1bd?oA{U~d7Kfm{I^yNX@Ft3yJA_PHx zv{hmNP`oU&-ZtTNl-3?>p`@f_Ulve5%`hVKJ2X>f*J8rjUh^PLZDR}G!QMU{{>$O$ z`ifeD}K08Xx^NU<8aUEajOC5VS zvlWeP_k;h`dueieN2wmT0;A_A#x^q!)Hzr=Ia$64`bbR*lSkdE-+flAQT+-p(iW{< zUsggXKQS3cuyb19JcXCQa2LHaP_mxLM{cab8rht*8{~~-z^d-p7y1jUYcOY9>8!B9 zC{g?5FiFC|5g3lYES88?RXH&;XfZzE-AYl2<6l-VTTT+bX8gsOylX1Bldmgy3hmO4 zg;VWI+l0%Nj=c-pP8FUJDnwXxT-^Ic&?H3zoemRy$s(2x>*yCOkH_eY zkTH1go<}En>EqrV8=M|#jsQqn?y>%h_ zPe`#(;sQ?SW_A&2wO^`OV!j)_C8V5^0m%WU$_>5vYtBPv&*|$dqp7;Rt|KzvTEBBl z3)L=s=jrI)PRI$B!&Mkj)Q*^?JESMKz&CRwjSYvHP~}AGb+OLa<@Px}s_EO*Zn73r zRZ`xqH6itb+DqwNO!-w11>d6#*CS?#dMktPw;q07AmXFLjqRj^yh$;iEM|lS?e@t{ z*mGpT@7tVK+3094U>LLlpH3TkOcTYm(B?KwVP%JUV@g`VuL1Ox5g##b-h=#*TjnXdgTOm5;1hh9_}k@)B?{qpd* zBq&M2c;`&<4YUx0bv2p&z37&>o3@b^qz&Fpcjma3%v2BNQ9hLgdX{Ik{3+(NRFsk? zQ;;%;TFQfi7>>}hhnTzLgV>lde;$2O!RBy4EG1(CLeXfa$#4p|DTg1+)Rt2iwnt}J zxqzMAvO&aG;9nBD&Dcw*#Yx8@DkHuEi{)l{jI7$1ThA9hq*$E(cqxJ9Trr2SI1u`m z+lZ=X+NCOu6ip@8%@kU`WtkB|1No+^+UZ)n(3cPs+?&`@EIPxUxnLponSssy{r%AM zGNk-~rc7FU9_esCEZ9xKacoHn(k|L30b)(S+R&c8r`+(}HH`r^1aqW|$ES7~c`9Q+7PZV>6OtGq6 zibRPHW(VnSRX;PlfQ+-s5`fPVn~j~b8~4x?$Qur>c$jl=XO9`MwHnJ5{r6ZL0?ee9 zZR%IkhpYlDp3LWiF$62=Nc40_>;(O#feaIo9EHZIwwK?U7AQRW76^u~has~KVtIH@ zyhKXq=CaEtyo#&8M+jJ|ahyxdZ9}GJ40tqZE=(jlJFVkhw|rIA6%ESxQLU|wtHg(4 zFS!m`W68~o-X24Fp99kIGtI`NYd`b6O@zweFa;>DNr1}34RwsYwW~7VsS%#Al3wGa zcg*G>Jn*G;YNUwfg%>(Jr>xOgGE&EF_KSt`vdLyVFuhd{{k;0)VvX03o40+adx{lg@cEygS? z*tJvQ{68#3548w=4Qtd)7HBK5-~5x#!o@m^QR%9`8H9|(h!m>RMdNrsFFSNl3h5@l zPHzmnV*Ez=ZE--RuE2~q=Q5J7iQoR+PI+;|&FPC;ndsKPgI`opG2{P$ihwhrp`ArW zV_T!=ANP<`TViV(`A8fv+4h*$+JXuaptwF?iiTo`=4O$G*Q7?KYKW5?Lpwe+aN{@d zlgOgTrM5@}CRji6e!JdH*uZj7*HRAet~mVy`r)IM=k^QRB;}E25}Ix~2=@4TcQ-Sr z^UGG5q+*fv_8WJmqjqpt8^2O*Xf8iPAha{F70AWtBKVt_CuIJe-|wcRpoH- z!PiwrX3Q50t>&WtW&*R^gc2gLGw0MdwlZ>@b?|Pjq8uGv7@Qv;*<@fA;P~43+sw{0 zbyhba8#8l_)6eoR?9v%EW3%8g4^Q1}CIR>a325+J-*h)FBvo7U$j1L)51s@-&$AJ@ z@#3szGAMqP82E_}+=f$QGY+BNokAc>)KLXejpB>gbcY+~44BoZMmjn=R8#Z^VRIV`8p~bGc39qdP6D8CbhPrF z5;>jjKSfN{k)f-7Dd~>_x9?OOY>%t})b@Cg4Pk#MJL#J9>&Ml!who4QO+uj=nEx&S zbioS>rR#val_9Q3Zr*7>lXYS;W0R7SQk4^QJ-T<+sa}eOHzoKcw0#bT79BG zh`8ruH&~M*{qv=^HwCZXrE#HAv8ZSNXY5vMczB;xkkfhr%iSPcC{2e>B}e6HC`q)G zh=a1mm-66~y)Q`%=qAZYNgAQv1Y3+HDOXPipT@f>Ahf55OR|zZ@Q!8TKs0NS^CVol zkEc(=^3I@Vl|@jc9HK*tx*H9zF8s~&}4 zO-hGgK{#k>v$3n@%Yp4F7jhrCm$7`k@JAJtNqMG*BHZmD2KuL#!I z7iOod!@a+-T6NJE6fei{e<6s)o)PF<8E#>0cl4-9dy1ESn6ikW$L zUnqb3AdYrl$0?z8c9)11x5M94Zn53y))iwKiqo46yCG2=os?3Ora|eAidPL)8m2zu zFn>8(R67frLNd&0>eYK989JNws9{&z>+2H+$h=ex=<>SmPS$8;?ZbU*oN+bv1?Dch zY-Y7Tw)~+pISW#kVzwPD{MlBvnPfj&Nk(4_ze|T)9&d!<ym*zFnNV& zO?s8&t5{Ik7?EFDX#JK?K(=>$O;$pI+gKs1_AnX_E?XXmKbDNawa&A)*it|tj9*C1 z63HIU(?l_LH;9|gFe6UECjcLV%?$GLC&}BztZzew_P7Tdv2_m?u=d>}#M956v8D-TA zt5vZN3#5^`;$(v#NK5^0w1_cyjH%qmFp|^*32R1XdVrKgcay}&KY4N)>9~hKQq(oN zd<5bWrHT~z3kV7XFC;^vD?eGntIAQ48>Z=6k0m#uz)B^UU+( zU=|+T;ARGz@djyKb92UHdD9FS#>Zpqe|XNtfkT9aQQY<1R6KPpwWUQ+Fl-EV5;tb$ zvS5yT(nIAe#t|KwSh(!|+TKWC#d(~~JL}o!ac?Ne>IlIcZNUu2-B3Cw!uDXXS$#$s zWRhnRRMfNgpN_*h8}tvWWz*b+uH_1{_KrEr}@}3H+ ziX*)Mi+OlgkPKTGSX=x~-(Y3sZ{y(t>1G`C)yDrl^}o5Xbs3S_e1Cnt_NOh=g=?|W zqVifyqHHanHI^$IV#h9c4sl)nv#J&`*Rvm^)yI)w;wHZE%c7U>tYRX92s$2O1N9m0 zmvIRV2OS+}X-V1e5D1pNL)}wK_QESMn2-A(_*eu}Q8uW$ETY%fZVMIBRlEZ*K6{a! zLqLDlmE?GP3QN@y-cQRJ3RgA~R!SZ`MMwFSEqErLe0+Q$kVMyEQoIubZdT?_PTcG!$i9yg zS2xD-QmQ-!I;o>O1!&(|d~|+sZfO%)M&XpSsE1BaLFaV)qN;F}Xh^2H(ehnXOi8Bt zMzAwcaV9Y_5wqR#;p(_A`395U3YEhsuz8A@-(%)cePPf75&3pDP**@_E_Y)e0^RDC!=~j*Mw*YlEonb<~}2hQC5$10X%h zR$c=;EYKnIpwsO>DI@V|pG)qf^^1zNoORtl>U1)Qhfo^^JqjSOxuw~yxk{U#!BBl8 z9M6mqkrSuY6SkhRo0J)`J%U5t6VCEsyabEjF0LxuMp|BB@`jPb)>H2*(<;Xnz^e+$BYCdV0p3KBhFR8+t+2k2P& zZ!x|1vwZ|BViRV0L`f`9k&=9NNyr$3_&dfjRsHZWF5XL$YJ4LON;p=s(%Lt#xEGmX z4=nQ8AF4qHTu0Lk&M^vM_yXdP=+@s#&r)7H*84jOkHB_>|I zrGfyW-fY%9b=@w`jvo6H*jP0&gZmvm`CjVJY5^Cca!Cqv(7J~T;T5vq;H{e4PaXHe zg;(jfhBcMhxj{umw!-9N604Anz)6|aB?Wh>gy3Hs+!~K`2X4{qOx&WO3(IYXyGxtP z4JQmn=6^=CY&vec-n}2r>=tse3PXd)TsoDnpy72;6-)pTcHp$f5>dHBUWX2ml{`N7 zk8#Ti1bckDDn$a#xXdWMt4eTchJHjtfm_=j87)pGMbjl;=`U{7f8Q?ZmVoewyXI{9 z#^#)~T%SO2CT#6Li5#P!=RJziN&$Cs>Pf>RcLvaTc_uTiYBe!bli~Ssj!NQzO#vyt z#V)jMN`_UFW7tV`@1Ns@5E$aCbqv=I0o>&jxP_e08*3dN_duPtx91BcImA`|2x;i5 z>B;$x<(7&7kYdGEn%pn9kBtq?%h0ML+gU~)+sfImC#nZz7w3?O=4o>dfA*`}Yvosa zA3@lcTJSbtt4`rJjF=wJFZ>k+c^#OIAqAbSb)Sr;C>x8OC8HKx-DeT<)K-*sk(>_& zaa*=47pilI9)n=R`2^LL8&8i#HT9(>gLM-%@)aJrVeu|jzck9f5Teq!ezoDg)t#{iv zU_~A=&!=ZoQyZj2$Wsw)H#^OGE~gzyA=0&UXn)=IxM+VGoXp(vJ9EFD;CcsO5ypSU zFmZhzZZfrjM^PA@sg%l4u`dH~PpKXh=$LLEL6;CT2ry3G+@1U`{CS0?Fv5qXyi(O) zfnS8)i zUmcMAL0d~J{Sw@%rzyJG>zpWNJR^`_dSx6LvLE|k&*6J^oF^~keoJT9w1JFd4xztmrmzk85{VpE1vd>`kdX_MV zs6dw!V1-#8v7m47kuokrRk5SV@il-fbxE`vr`R5kYF@9eQ+ zM(D%{RrQ(n-&k_6;E#g~yUnhqHf)BO{daz1c;DBKj_hZ@tmJKL?zAs3mZc6+1Q!Nr zjBY9?vkIxs9!FHis!4L4QIdLjwxI1i9vPv*J5GeSbh4q4wpwiAiPM1U*lsr!qu?yg2Fs!6_ZqM& zNyGsXho-j2lUbwM+WsOT1*{hC#W+Vg1hm|&8M`!g@+sgF;qGMSRm}cX0Q_n&ECuj*me6d6>+CckSo_d^wU16nskpm*GF0#17}c!)MUs0` zmlkAdoVlBJ7~@CrOW(k*qQ&o<-Z`MSUZ`oemBGRvVm#MHHk8;-bRg7r;ynvh zWzrlw`bAGwYRh#p9=bqKfXOr|MPgZisF|IERTFIZ^&$U{)K4>=XQomLuWHg>xz{}? z0b@f3io!1)_pnZUR?u^CJMAFH0fCnj^geb=4+rmr@a<5ovTi%c zAGQiRZ8S8G3J@ZN!9Dh1S~%guWr1t&=g>x!N$ZlmY3QP99pZ$+V!W8NtKm+gXI#AW zGvgtzt41kLTNP>dl=RHp)OuI5*V9!L!#3&JVjhc~OgKiJPERRjX0$r53*u6Wv8BJ% zO>w4{N|t%$i<>)s)h7rP#u1Jkv+;TUWDLOf zn*&8|2++I-sDDu_Iw9+q`}mQzY&AH*L&R$YN(8O55E?cxWp6;qb})knIKP|=I0L{v*i?cp3LI6>2i=xdoQaF>M&jHCd|~`aulAO z;Yjb$n^|%nGthRDBVSYK{`t|d8t6Z+V7vs)Q|tV3aDnDZx|N58s{jubvxWmdYxO|7qATb*-`#N#NUGaR|fF@Yqpjq6-EZ>4bH0e z>)txry+8iDqXvj26|o+sSxdHbkg^EFxq>u)8%*spa_>T0puW`@{VD_q9S~l`*@W6Z zQgbQdbAcDBYnPdJ-IaG^EukGh;gFI$%I!kbwea0=lT946r5!gs|tS| z@(9c~U@6HAENqZd+Q*W+)1PSr-oj1QVd8flnmv1Mt9ZIx5u_})E+y21r{^_In{J0^ z9c}knifAPwg&CcE@>SJcF1Lu(Z{eaLj~Qndr>#Z@stR74#9Fqwg(H@0eR)xS1Gg%B zm32tE0(-8!GvR`)HsEzgriy_m5f^-1ZifvUi`?Nb#R`O@#zEbTseHQYoZ57Yo&vF( zEAO+!;ybJTcBjEoOBtDEZd^*gXcpGCv?9i}lj(BOR*Sv3o)Sbb&iXuiTLQxYMX3lQ z4!ZaL=5T%PwzukWr_J?8y0==|mk(8!IuW+9jZcuDhqdui7`K}CGq)T;c6z3shK7!| zHX*?}UwDPKJj&MyS-GhyU-XsH-tpmK#2^toJiJ0BbJ9!bza?t1Q^S;l!9p)bN4SwZ z0&M)q(lE!uBWs;tDD{l&bcD+sALw}ap2C5`)MGr`@9e|gU*@g!O$=PkQd+=5Pzxy# zK8CKYIFL758>is#vyrMRZt368#;yjQ7>NX*(SYB$S%QwPTB|=KMkqh3@R>k!wd%wR z)gU7y#~Vs=OcP|MrHR|v+8bbWXvCOk**e)dTUw$RK~2FHAT*?9YyI-Uq9(BWTp2(J33?3X6+-WC zc!)$g0m2V5F5TNBXN7tc)#reLECV$9Ltb96NP1G}P2uOn2Z(Z=HM%NJ`G1{cx17Ra z3*j-~*T23EDW&NC`#`?Ve?-&6+5e$wHM?K8|NAn2o&Vb+7JIRHgoOQ~SysbFtmO^F zViJN3Mf$kJ{0Vl8nA?adQp4nP)6+2-85!_yYEYHR%F2DeD-pIerB`wT{3JYg5l=#G zVIjr(SSVTz1%+;VP0}f1005u>AUW`*{phCoA(5VzmP|NHb#!!;SP6hS>kcFH{AL;A zNk|Mi>KIa}!8_bmWv$HW9=$g0ttvqK&!-4w6s8c-ch)~jUb`G=`+pb#rI0lQ@cwHD z#7t2uytnd4&}8jr&bm-)Yw`v|O-#baME+i+u-2c)q|yBs#c>_Y;Cj+F52~q5UIhHV z^}fMT5}L@dVidKLg4llmmq6#cGR9b0iWfs2#DA`E4GURKg{r|gkQaPJH%d!WQaioa zgepB!Vq;l#ov`Ah-N(aHn3za-CHW#iyRxa7wr62pLRMN(62X~MRFstJA!dNRU0P-& zNV6a#tOPE|69tq$*OZ|_%uMDVCumoeLdq*YwNp9m*EY9GNaE2Y%_k|TXlH1`t6nu- z)vLxyQrz7;aRr{3huI?kA#mM~M}!r_dFDa3khagemg+C&jtYS^>!*iGTB+01ifB&$ zPOVik`U-#Sp+U7oiaYebI+dums7{EH6O}~#6eh_OTQx*yvg6CGtx1#T=eiUu=u)8W zAE5bp|6?dSvr`eyiv8GMVd*XpXK)*5fx8jBYNbSc8x;>N~2XmwRdZ`1D> z;26Lx8KR)K6x_4@9K!`m+@gR}R9;!wf=<)Y(vcoG)Y!m5o?K>Q`Frr@wgz~U!e^Cu z3WI%0XWxDspHajeGmPMWVrgXwdykN1C#pg*>U#z**DQW<{gB4BQ3DU5bYa>_quG8NZasu)@`8J3>rhq8UX zr(`(0f9W3Q+^>?y}_D)L)RhOtXh0xv$yTx$po{k6E$vy{eMT~`q*R~#HD0)kb~XaZ0&tj$X=>9{IxpVF zKF{szWTqbBH!7T!^lb|JlX+9p?dMIBHZwhql`vD?V-~knNRM3?FRT9Yq$oK+L0^8@ zz!@B)?%t)8!S#;Bp_o6>%}9&;|LeeQh6&v<%SZfGNRa^-XFg3_eR zJ9CP@0Cjk9eRI<6oh45e>Ni9f)yAHDzj*{UIiJ6shri+rpDj0fLu@0m+`P-B4Mx+H zA|_u-jxp4cjCKWFY#S_)lK-O0KWHFFPG%1?4&zxC^W47S)Z^*jNvLOW}rtZza$uL(1ka*~?hb4lf_R znxAfUy-U-~DOb;l&a5APjDPNIvrybv3XZPZ<#*Vp0;Y=#_k49r)LD;QNag;R<819M zFsk0!m2aAzu%w}p_RH~^smjMiSGZ?NxotU~E5*VsYPCVrtY%ys1||mX(UE1L;{lBK*!0fT-4&K;;mP~! zUm0{6Wr?m24sMU>OM(KX@v94S3rmRvzYHiGc9X&?v$F+fb5;NxM3qDfmufh!D)q8w zpck(UEA5+t3s?0ooRkoU8@>}hhzBkw-*r%}sG}VNT^JE(V#S24i~6DWYoN1%GPmu6 zZNvB6FZLmwYA97qKb$xevAI2U<~Z_E=lV|Rn%jTK7hW@Y*@BDeQ~b-ya4#~~mOAH0 zE6gSM-T zWbU_qC9BM%rt!RZN<}M(H;^&>hc)N~>GjS_jYcc$-tYcVrkb47ooCghM&{Cak%O0+ zvsn#ik>d`sEj`|OHh-Syjc^LZSIaiqzEbEPobBWIKEy4Uk2voLzP_$sL}z`AvSw)g z+GCMCw>$!j6S(q_FHIkyAOmWW5G!Mnb*hidjx`~c6tqnHM4fzJO8TH-IVR~c%Xd=? z5tb|Svzf{$I(DzWgRW_%#*m!YI6474FoXBwigwO{ezpBY(n!PW%$MTz*@)~N{c~b6 zDK76TbEa}6Z{SKVGRhKZ&5v)dIo4+1zvdMt8iy|W`|y?!DCu^iBvGv)zMc8XDd4d^ z{4;7(-28&jN^2z^R8U@&G@Hte^z=wd>p16hb*?z4{Me|XiTR%%PXwu34#{Ybf#kLK zWl|>cY{7`|Tjs>Aq-Gg2I$AsVOr%V%1FWIGKfdS1tc{(JseXDt?DG;l6LbdinN5X* zJP&V_>&o;0)53ApDF;~US^Ne(z;g|qlt`LyB3#7L7lV+32i|9aTV5EOk?B7_slb0PD3GPtn?y(pZ06NDmX$*HM>^o^3qkf8xxj)OgmPM#b0GJS*?|_eiZ=J0lMo9J&*?;Wv zFrO&L3y}yT8}MqvUr(IBPykK7#L6F;F^12+KKjP`d_qX9ph4rrOu}q7`5fGnKeqp& zNIEUUHFfD5X%lQy>40q{!4=`(bV%sX&tV92p2hoj%ER*G>_PqwK^ptr>QQ7rItMGv-N%fPZwp4))^^%QTesKdC)JXH=iyiX)c-? z3?0)Icm*l6$BwqC^_qGqa~O=ZRIAbFb1R+b`Swmo2trR6G2MDwl_`|P=7+f!n|_w- za}de2;qFA3x}4PpSGdZFB4LFf!ym$nNup7!<^)_R zR9cw7y4-8Tr|7Ayj?$8oM5X1)PWOQ0iZFTR&H=BZ7jxz?0lRJ5?2Ix8VZ5TIV*38R zzr@3i2lFlDdVhyo0Tc}lPHI#X_?vv!eV3Ra@?YTue)XR*bh&Ic)M+PM>+*Vlk6Ly& zuZP8h51U+KAi`ddy;j>u?GCW!jjRwZ4hxxjO~FP14Q?5e6>hGFkX&-)G$IX(3jZ%tlwFfr><<+$K$-=EB_RV`%C#A46D`dZQ5IsD>G8yvo z7m&gzx5eBv-U_Vf>ZTq=iItb7@tn|rl3K6h^CSpr0u&PW39$CFd$GQ4X*nefxVz$( zm;ELvS%Y(5;~q3gRx?=BDrfWOAjFheOGCf4wke-PoV8s>Su}z#<)uif=j87z=Sp{6 zOaeTmm6ztri!RKs(*XhCLETgaH-K2_9vuQD`=^&-qxe2Wqp!mL3ncy@uAaDa zscMgO74jdzO8fX9?CR#32+RG|hqS`P7vkE7H@%)CEs$KD1_iMRGZu33_>o8$@{;@S zZBAAD2Xwrk|JoLEfjHcs&^?9(qx=`Xj);t`QL#Tm&lUX-!WN)UG_qoLGduX|L;bI- zqz>tIc*$UVK_L69!QvoPcT^34@CvEWmD2s~l{`R)-{KPDz7IXSsk zhgZT(=%pRSZ%T63J*( zzjS=U0)^80nHfb-G;dc|*mggS@Ixtf~fiI!ZrG|_olxB69ona|TW_+BUtULt!(LgBkv;>kNd%S8iL`Rni_My6xpLlT9 zvyllrCh<9P>@c4I(8aB6+{r0vZ!|1z@!MUVRSb zIe7U7%p1>3Gts_~GI?$`U2F3vIk*@86_m7){9-X_D9&wTAynp*m?mFI69{MR(?dg+;cw2bh&G9c9mp2Fn7^@z8S|lnd9QX_JS0>N~n6t zOZHSG=lKq8c*F}Y%#qpJ9Gtad<`<;XU0(D8u`~qQBa%joiG(?(u!MU|peC$(y zq^0HOVwY6Ac>$%PTcf+vAASMWg^Y+wfHby`2|HJxh$)22@`FVl^F~g zEGj3KdXDg(jZj=oB3$Ygt-1N}<1MOjsGDpi?2aw6g4E>_lNMEiKNb8WW$__aBkI?) zhEJL*hEm4H-;J%T7@Dmuf6z12qUhsd@$#(dBxS@?PT$TAwYlfZ3u3DDxpgI-)Kn=ojifZaHJA*Nn~H=R zFGd@#EFX&L2^t)9|2-=M{(S<;6$%mU?Ci*_!84ytIDH?!hU&>!wI*|eoxjCFjpG5W z#i5%s+C5e2ZOquaNL7@d;D116pW9SRNDXYHZ1zfOsfDucDz7c0XR9hHp{DG_0(~>C zM_W_y=Y&*AyuEn6fBExpPS3^RM2a8m@2hhysfeAdzwLELu1PD++*x1Om^YLYiP+Fwj`laFdFpKk`(KowCIO9-R>I~^8Y~|eX!C2!+enTNPVYWm z6`9O$my%w?9@+6v>=QTv&CZF6{Bx-ca7(->izTQETqQd_u~bJwYjSh54l;~lzAWjV<>zw?XIwjsczL2ue| zJ&rD1&qqEP1k>&Ei`|zEHtc#(j$ua3?|&L?;h6g~Z|R{6)e@g9Mqz!n+F)^LQRV42 zH%p6$Ks@(A9i(kpJnHnfF0)Nw^S;m6E1=vaYr0-`a%j%?aVM_9wd>`ygTKxB9P~Kw zHn-E`bq4#pu*tWfrB-o}+AOJb+bEfU?8=1!Iz5F!@vzk5#0EQIPIs@^?V(|6WBqnf z%O(>;!G(U~=10x3Tu+)rP@jaK?s!BJVC{FP7nO--ZUt(ueq!gL9YG4P2?&ZqN)!Pdp5<8rf{@>uG&FQ>{NjPLvVQ)XDiQ79(WhUfJJ zn!w`~Z)RAS+~~JT^pb*poTW2-{LF#7a{T2M?7F899J1=tiqEazIiolu8Ba-*b8Z?E zgVQosZr4MGiHNon>lu$oh~&SkvZ9K@L5!I!?C+1bNX|S7_{!xwAMT>mO*x!l=W{s+ zHND><>d_S#R(qOnaB8x%@E)O$Y8b`du-F?d&uvxrG|&3*egkY(Q?2>iSES`0rd{hD z4og}0F7N8Y)SZpi6+r5KrPGFh)zw+Sw})Km$xgz+QUxOxKwFg7J;xRay8e-o zxCW0=vGdg;d!&!%pLPeK5TZOz5JoTt~eyBIkd z$(^q>98N&&j|_KX!l0_u?B!ENH!z_O1k`4x^*9Cr?y14w%ec2+g=(0 z+?Dx4E|gDctr+uFo^K;+f=o`fYSvx1&nnN-BDXW6I%zVs3-d@(y|o<&`AMwmq`yp z(f;a_o<1tR>OEbqAJ&pBzS^H^C9M$7e;SPT=lZM(aI`ga43tPpzbNX)R+vwJ_jsgJ zwCVCxxcK%^au!Wi+_KL+GH z(N<5&$t7A;8(iO=6sD@GBZP=ffEFl2ib8A;-sfh4M;04QFzheuIGY_2LxZ4V92q@Gmy zjR%coT0m1%CC!|$$;D)wbBomePfIWRu)5hx7ocXb<5B^ymZoM_4THFDOADoYUUC%j z5q0qH;NYO`n~N&_>uGy0^2@Dr*wbM$*Ou)!vRE-ZoeSOg_#Ay-ole^1k08GhFzFUD zNt^4nzoCT1g_&MiP<&!+iQYh8ImKT%%AwjyId29^i}Qr2zJ^8TeSFYksQdsK@bl7w zh5^&l``g>OD%)C#y``O_e`@!pUaSMtQST2mm_)4Ct43L(269b#xlLhE@kfR#&`n@z zVW!OXaxj^%x}!r}KKCYC@eP{;t!57qI%0qBR|S~GKfDd)#l@5AXY1;Kn|v~)w!gQJ zg;1+h&U)-9<)t)HpPX18)c_Thl|)9T7bLiZ$7kk9%0BP)ogN079K`BbN)S!T{<2b# za8V-EQELoLc1}^4vMt=FHKjQsdel~JBXdQKoKNp#HW#g!pOe;oC+_SOF;-rK^o=%| zV>K~N?X|%3*uStDh`vp?(f0$aufcE)(I~UT6>%Rky#k1~SF+0JF@0 zD6UGAEkXdluDw9; zdc7_3!&R}Pc<1n{9CvU{BB%TuXu`Psi6J0`c4PH{mPqg z8(1hL#Ark8cIOcEdJeY%hX3qWoyV$gUVqq$NAt$2uMe%fs9>2(ZrMo}Lc7D1#nbtBs{a%++mV#e>`aM*x)?YUSFoUFX5Q zw2)X+E2v6(3!mdXz$ffpi|ru|jTQyUE9lAo!JmtKrq zx37=TPw6IO{FJ{xFR$zwUent<*ase??V0Z+BrF}%u)umTd4_`fuPd3wWb}4n${a;r z`r9d451-67Jh7v-CPew2<9c2hz(K~8CKdT;oN;Zb!6EAt08}Lnk9-9rRlqs3tEmcf z#sfcz$vS2AZn9=a!}YnhDeYN{-CynN)7gIs^)h#UB}9VLy<*Y@e9#7Dc^+1c}%Ws=F{YFlni zr)YO~_c&Xb1EvjF;s|ZBf?XvYukedr*R?4e0QNoG6Q*-nROX&ratDrF?dl*uhc@|ozv>pi3Kf{WuYb)UcTs%i|H7q0hhD0Ai{!Yw?=4lNkNQp=*J~%`K_U$~O8YPUW~qP|0E9WV;ve3Nf`4jW^qXr`(f-Y_``9-5P^mXCjG z72AB=G^sShNnh{>A-n3qjY&-QdCBzVhSm)0v;R745n0_ZI1WZ7gt{z;OS`pw^3wCu zqpc)=+|Q*L+zMU;NY0^VT!!(*mv?>l!Hr{m!*5^ald=RshWiANO6^y zxqDGNs%Huez=7wRN0+wt&x}&q+Vf1oFhbou z3#epul%>dje-?HwE$$c@qm&i;>vO%y?^s0aT;JS*s-*2@-n)F-R@tDvkU4~CT^@aX z1Gnm4;7cmLyHDOYGOd|9P3b09JMq8E4Z1h7NJ^z%Z!IZUP@))3#47Y%JnnklW@Zrw426qf9US^`cdJ zYZDmXj8bqVF&3Bprx{dJj9vFYnJVdVS5THq&8Zw2(NFe7S@ECU|IQ~r9J_q+;>8O; zfBMBW0|m#R>M+Gm-v3tIKC`fmc^g~jC8tJ6Qyt#o-(OQVkKC|cf0={2mTqD79i0{K z_x}2ol3Q+J*Te*+sU_Ly%uBDKW^?i6!6QeGydjrb(#kR$)F6!yo)^7m=Uvecsy*4` zCB6TaqG51OM{9eU>A8Qs@$C->P?I}x8Yr*4i6)7(II_Bo)hK7bN0kH+0n-kTvka~X{lA08;dP*Y zPSJ23#s1>|cL)S)h?}c7*kNp*gQ=y4rEOjVF;7!oJuoP%Wn{f5gr4kZORY;^t0xRj zkSAFKb9R+XX{c?FGd=pRyRKRFSSr$y$k>MDd;ik(%1N*2Y|4#v&^NHKu+Z1n_l(Le zYpU-^);s*4AFl~WDClVF=;-Jfnd^o%boNrvl0j=uH9N`dzi{d7H7PA^kN{xdn^n+I zSR864viGWO5gALK0z<`;Fl!J5Z@$)s7&}R|JG}NeG|;|CV>O3qy6RljOdc5+OM9S7 z#y2$L^X)F3HIK+`0!=?Y-bZc^lihRD&=nbRZ&|%rU(7LE-)#m!Rnp;-poX+#Oy>;Z zkxh~_j4m1KYT6g{F;()cu48&ZFEYag#`Ra;5wQv@X=1)&hRMVXwfBvjL!$DE3&QPB zopmVeB7g@zHQ7>^=qmooDXU~0P|0{pHJP7f9Gj;GN5*IR+sZ@TjKrh_wKdeW<@t_Y zl2o)_S4l2i+xTq!6tLd0{#X#yv5Cv-L5!I?5U2Smx3+a`Zd=cWK^hnsY%|DhDmhN7 ztPV9i@K3RT(k>j+42aFe@uGiM^RL{CR9vxNHgDBZ(<{gGElRz*V>l&^1Wp&!wNA#4soHViTuJBL9LTE|-q=>@YjgM3*{{xtYUpY+4Nc!AG9n|hBirue3G=w(4q)xFGfYiWgul5taBq7ItO4HWKt9%MP zktuAjj=IX#pLrDo6@xIy2FZs}$*5-RBl(hM+@BjHHrL=u)v->F5?smwHaCQQ;rI&k6ekXSWVBl>)pN!3bLW=Kjlq3i_!Vz8}(@eYKhXya#n%^+c3i?YuJT z>+}7t^Lhqo2&y~kyB85Ah`-U7^p`wk>gX5W()lnd3EacM0{1{04Q>_hc$I@-$eC2n zvOJW>^Cj)M-!}>_MZFIy8Q&eFEph%!ZdohGv}#P2<%O3o==m2uaM2L;C6y1|l2P$X z?B0BCKo);VCEMH5w)v8o?&>B=A~t1IFcNgVa#dZ)A-rWAI5N|?5cQMSq~%>X`;rf- zlE9ag5j6Fx9s$A0p<+*IE^Rdv|As9p`9NRNQ{YDv&$zU@at^*EyGo9?MtG>Hb6s{S zpp8=oEBzG2^tCJ=UM0~Dt*Ak2-PpIyAb-`D>@JNpzxcjEY<1Q82EhAO68Ms4x5Y$m znTB*eU~_VBhP}SPq02WVG?Q_^>PrSnpE0)g0ezEQC4n#5mS}U~uNU-!D{Gj$0Jp(G zC6k(4fPJ3(_c{H5E$h_dy$Q}@QUaF@0^5esH9&-+W)8k&ikmhVzSxxZ08L<}r;#VS zeV#dA65Rh-Uzz94Jzwtr^1PgD5(Zh5niwx~zj0{azxI94&2lInMkS*=kaoyZ7WUPHZLjr?ykFbxrt>M@JdW{H#q%)MrczHa4iSQLgO`09z1a9gkgSq!yvgl zEXU}akf88cvy!xWGL=dN{sJZ(XZ()+B;l(3- z{724OCD*dA$OAxsYff@B;{W=%PFhx3Gq|a~KEnO;lIrjM7oC^vsmm)4GCaLk!7IN7 zH!@1;??WF&xr?ZQg`;U&1$a4YefauWQD^6bS`d%Jb>oSH8%wC5eL({`^X=#3mQ(gA zL-Tg`4Gav`|B^~}4pzpQ+?GClRUr)9+>Z1vD@m<;f?hyVh9)oxny1uM)r}LnJ6jvO zBa~17aQdQxJ323^_vtPXbzlFS&Zfe|t@Dx(rII#Re&#+Stl(RX?P%%FwNXB&qGps( zGlgSUN$~WB`XY_K`&dlX-76c{-BebWXmagqd54&)4r*s}nx)L%owscZfQ>b#csSiV z`ueNK(0R!%Dp?s|qpxyU+_4zb(q87OdVyD1>=As)Z0yK}L00&yZ8Jz<7{JCPU)!hS zo1fb>Kqhx|DdPCSUCBCE+SCa!w<=8vQA(h=5OC{S>k{MMTtjKfi)HMNzBJ@JI z-hMK9aAc5#1}lQ~Y)y5gL+gP%Z+`T$nwm#YHHkFXKj zAD_r_<2fKMplzCj?QE(jb-Z-slY`uUtV)6w0*}7I?&9$)qT=?M7~~r}WL31-lAE8O z|D16ykVx=udnjMB9X!mz!6-T26W_i5`Wv79^!>Iq?(P(A-Y-9UclXY>c75@~DGBR> z{$AiKfw6gCQL&fe;r|}diEMA|n*hO5ALV1OA4h{z9XW;e0?3LZvYvjDSHVAh z!vOijKBP*5cX&s-o2k%e{}Kw$swbj@)(yZV#)jIPaxKJO+x6+2$V%z~UfKKCxXF2@ zcaMJa;hTGQ?Ro#J?{4U(_jV9z)cUw^JwEhN?0V&rm}NrQ5S2FAJD6`KeB|r*Uq_ZT z-~Q<9oigzSjeQ%JL++^B&rI~>CvUuoX5D?=(LN*bmsAonG(6Igl3*_I!yCKbVlHCx zD7u8z4>B!bf|_NjcH_`1ukG5q_uXA$0;k?Pr7G(V2H>C?q%f&-hrU6Y{=h*l9ZmjM zj_P`*KfFp>bKeyD@dy{!k)1nt?t1;zbE+Z16{90G(pHt605(Q0wqvbv?|$#y4=-wl zwbb<>o1bXdiVj!ak3Rb7jW^!>_VR_x5(#f~;jtHMQ zd{$Y{=HXQ`rzDqyL4q0*>$5|z|LxOvckaBXrvrqH)Y+Gzf8)Eaf#tuw^W(3N-ZjZ1 z_Y6?k7WB5OBzPc0O_BbZeBb<+)nsp9)KanZt8o)XgKz%t#APYZv>|ZU?XK`uQ7?q0O;!6SsFax*$ z{0bYJ%9HZz+wi23X;8w(e#yAl_;luHJg8?5h9Ui3b=gTdP2EGtuE1?UN*|%A2-$)a z6B8SgS5%AHn9f51^#_Jnlvz~U(oGx&Wun{DSV2&ujs22+qeDXkOld-HTlc`g*ua*} zm27P6IE#%zwsAFJ2PvZy=#I0J_?%W;|F+=37`d;rsWPLIxqA^Q3Y+caFZ=mzg{zTiDo-2A)-7Mo}jT+yyc#*HKe|J_=+% zS_`rt4I~Ef=zcU1A0MBPP})T#1GC;_W4|OTZ+=4uwwH))DN8MDCxC`QrddeX*3BUM ze#!XM(i&t(BnoK6nvxu(khu7SlFIzFe00Ag(hB&7yewpEVQgY(a+nqG|L$0Z6*mkI zl5n7`!nVFK^g{jJZ57D{;Fi(36aZ)=bY4>Vriy(GVmyGNIt;ok3EeN*(B6w!5mQsZ z{i6FN!NZA7$!o!nphW@8p<>FDlaoRAq@*A}8{NyV3VK!JuvAiaYh6V?>&r33NIM(L zGUH-F3uKn%=M^+IHUU2!-7nePhDFT=D9g5BZAK{w5&#?x61W{bWpOD9F^RcV+xAO> z3a92gz~n$D>Z+`&FKfUJu1{eD6ItIc2}sDPtZ8T^wUnU2$b_td>P~c%0I4A-KRrG! zEq~j7Nz{7lG2{(%1(x56MXVR(LTwD)FNu_xkQ!UoLmFg_zR`ZYVUXK`Xx@$eya@@3 zATMHaZ2Khv@!1unZOH9U_EhI&q=1-=jLf2{W>AghE+Tkc0e@j*za)|&EjO*cZ;UoE zNouVt$pR5^iHX^bjiu?u^|f8yTP*sw^2jO)dBRZIildx#B<^|D(|Vt1(>^ayIt%jc zE`9x(vSVsJh84#d&^gl`E(@qjx<+DIQNIylbx4pF-zT3NM7I;3_9rlq=MJcne-yww zpkOL8b3?7Ij4h;%GCFA!5BrNjo_lDtQ9^rRQbr=;6ZqO1sb2j0u$*6XZ8w>ffHO}- zCC7&Te|vZS)a0GV0ldHLOvhDg*G|h$XLju#wsd#d-C;cjtAa|1vUR52tYA9D<0ELqJ3pg5`*u0_6%GDB%hUxyVVLJP?xSneiXk=LvK=Fr93Jx?Q{P z*L;7-H+i0Co_S{Sp6_#fKac70Xs5K%H7>c77=7&UzTKxA2KB^>+h+hs$?p&ISD&mE z_y_-XTM#e%#tgmkg5(byLFjwSLcQPH%1&tU^74J>_bE5DmgS41{~2@Wx{AY2h~uv| zuDCPj5!1}jwQP>pJ3n9A2mgQ%3Oig?WdK$|N`7CMP;`*yS-n=LH(ALQ*PVXwD9UNK z8MU(-wTn)xwb-20cRmKpp<5t~rn#poBS<;yq*brhF7Lzatbv$!Z5m(|q$B`@23K}rGuxPz1g0C2~Hl%yzwN--c!E$NnbS4#3Tg~H5>WsRexy05Y{ zKTRkUp2?Mz4H)MZTu*0^Gc!Z=g+gHxTjZ#uO7?Juw%N&tE$6Sc-)gF_Eze_qN)ca| z8%O0WvWhHbAyIN_LCfTX-ZkxM(PCHMuF6Vhw<{E8r+psnmv*P4m$R%u32ZEcZQ zT$G)iUf$T)HO;QU(#XGRyH!{}Y@}Dt0s{b8D^JFf)c6Bw7H_>z)ECJS;Sopn_y%zf z1SeKY&Yk4{?E~%}-@SVS|8%0|j-H&S%{sZXM#Mk7mwPaX%k>LAmU68|Jxv&@6SnN+ zg+(8Yi3#7go4aG{fmlgedeRp$A>94DIop5zo6ypVKDCu5tg4>A-0&m*!JGgtcfVio z`|p38+SB{kW?dX=&WH_vbK8e8{6mLNM*hVwEFn&Cb9w%_r9JJuDE3gwZ8a0KOJ4y1 zJRQ$c@?L#%$jcix`=60?j~kUu&Eh|AT>tvcl&;Q6f>t)m(ms8C^YNl_y~@#FpB&5g z<%xS#ibpC{Q(8_z9=}RX7_KF3dDGh`>cr(fwNYWN`@6T-=HEr+UFvr69pevgoe5v}#<7y|K@Clt@7}#83Vdx>V&l|93zL$Op}*Y0DN;T%+3Deuoa}V} zqz>2fzzh9_;koH?xr5953jpx+JWa_9QLpSvtbN43uE;TRw=Uz8P5vU;jKV_Ej*)xP ztgubobDiq($%axvu+NXyZG7zww%XU`jj!xHav-PCHI@vB6W?r}wmY3VLQ`>aOF(=^ zQ>(^FJ9Rc~rQofDiP^WhCgt+-RR0Y;$$iZy17xC0@K^nV`KHjC!@JOykx1gnk^!bE%TnIkaJ+0(yHw4*0pJ;WJ}Iegzy8nYk9;FV14iRFQ*CFz zYf4TJ->XeM{Nr6IvPUCxG)<}|T1(@1`kn2V8kt*_k~FE5b(9MHctu$}PQu0N$_E7V zonukamRHfULKgslHF`cNX`L9jDm)bwxF_mTY308>9!u&q(?ezF1O5>9`IVev zsk9>hQu67)23>4^Y%WF@iQAw^5o_GzV}^>X~%A^ANzB|BtOD%vFRTaV;-YuT=8NM0Ei=;igZ zrNUGJksn@av6;RUZwtx1+||ccIyI7(FVnV%WES1-UG6rdZ4b>X>}0#7%632ZsPDVp z?8-hnI0?m5w3&^?;f{i{LQeb@C2jip`lDgAqbBm@UqwqQ`j-l6ne1d!#;#A!U1;rL z^A`YM?L0_HilXM{=M8$p!h+rPE(gcr0%6t~2)on47MxnyrR;XntXHeQE=*-I5c8Ci zoYNVs1hYP~ypy7suJPNul!IEdnsiz%yRufNx7ZwP-CCNqFA#GUy_s0ti(1Do zz0>u0=_yGkP0i2EGMk!TdUg{4V9h)kOa5@23K}rGuxPz1g0B{E>2>{>@QW5~boo`Z-`2+v} qt2}w~WH}|#(9qD(zP-Kl(!T*Qz*-w@e>>g)0000C&1fe-=&2p%A~yL%GcgS$)P1lNWH0>RyBB)AjYA-Fg0(zv@f(o83L zXYT#h+&{DC`|+K%dUc(1x~g_PRke5RXYUUAtSE*4is%&r0s^{>w73ca0umPj0^-g~ zMEH}jkpx`$*E44osZR*y;CFlQo9BR!3Lg;=Dx=UIj9_M*s|=^U0axuguEg_aC=C9g*@)Q` z-Y2a$E8ZwoU%!8UgWZ3(GDJfDPE4G^D8n$*x7XkCPM^+?w z_wY;d*?YjhQqIe0&cCIv%Fp`=|CWB!A#T3@TQYk4%nA8#i7ga?|6g4KiLan%f1ia@ zd;tF~AV^~UKg|Vq45nx?+1qSzbEL>4BVi&3MEWZh(ECf~tba4$<>A2={#W_yM@}t% zoRGBTZ%!ou8~oWh)(al5GhI(ePiF-Vv+Gy)!U zadUHXbaYJGSX*1$+QNPF<_$JBHXa@x78WTkE-nsEgg7%jJvkp=@PDeZQAOu1;b-qj z2h5m#6;>^@J}tTX;FP#^e5|3a-jg)RB9-<1bMPlEL#2#7uh&;8IG6c&|Z*m9dzxgXr&WoC7v<6pQKw=?|FOU0^qsWE(aVRm>hfJ96 zH$g$jTq#OBd&mjYvvpryP_%qQ6o^O##jl>6NXg$II_IHiYrmJIz^Q3z^lxQ>K%l<99Y!oCCMH9I?2c;#KAUDEF3C%}A=_2A z;5=~~era$lHjWPv7`$ij;O-P8L(qsjgY|C~dnruiz;CEaW@T4h;jXYn}~gJ;f#tp_9$P*EKX3^K%(S-twTUpN)8 z#NT+W-FL8^s+8($(zamE*Rkmv1OH4|d)oE@JEjPD4 zD+#uVk*Lm1^BF9|rXP7w%=o-CH&ZE^wKObBDIzknyquma!OAAQcU?*{c>F2el(iW| zGbal}Wb9`x(^~8FtIcX%C`|hM7d+=3#4flM#{jKw# zW&ITkY0-8WGkY)C2{KJUeIP@jT5kUG(x1-j%`qi_MY&El%y%X6aWUdnRa-m7*SD=L z@U5S<)Jw7No38^^aSa)By;|iurp*Qs?`?+;^OGl<=H@H`0DuWz>+TFLb|IoWk-Vui zb8t4P>{ML&N@%0YXh9To&85C4)n&Ay9b@?@A&~+_!TsvJI{o&vGuB_kmN3oe|1AhC z@(a-f&Xf1<^&sLKmC{y9{iZIcrcvt2mnLrRF;BZ14~Ds7h);3b05kGY|=` zqR>!L!6PFdeG?NBViHnfQc^NvViGelQe$JO{CreDsi+`ce<bwqko>Jh3}DvU+|3@9DF)Bc%GZv-Ow;MH)LZM6*=j!6}{-(INSXMgt=JfQ7i;KA3 z#Kc6hJWVkLQPJDENRB!Bzb5E6+ZQtaiyO>em6eT-8S?I{@#Mf|8Pg zqBACioVmKXx)v@LaB=PWXz}ffMeo0$#uCOio91G{`E-+ZZ`j;~59=(PKI_Wl1sVDkvPN zNPEZ-D|7Qv`Dn;hChZ{y2pYfG5@J`r>o?Xkr`8|mx?*Cuk5u7)}1UhK<4`U`{!=I)?JI>5RdL+V~po3b$4PY zT73^RHBrP(r;S79?@W#N-Z_ylpEio4eBRE%{&=`_f=-zes(Xr!RZ(=ku)e$_R3WuB zYbF5^Jc-u}n8B_1JAEJW2(`dV7)lucFG}_ViMLnJ=etjbQq&j{z7$=#m2hiV9#@6- zTP7M&V{7c!9yNKpU}^z=>T))qe- z$1SzgojFTt^}i>Ev_y}ZS8mdeE6YA8a*_GCB1hFE^vbqYoj*n-wQvqfn4~0kl%Fp> z4Lti1EflIo_2y;jrVT}mbdO1m|2rW{frt(pJDgX6Er~QW9F~oi=F$=4W^#M3g2U3z*bNEuqL1#l|-42FNmfHiXJXrdq2vvhF%F;gRQ@bwN|8Q~Zy0up zN$gC{TKjm@_ zUu7T+CD`uCNxpn~RC;W?$q`K$fd)D)=Wi`T_ige;BI7h^asa4qTkA(cT10rcw&4A} z;6hW{-ti^Vknzjl6m(L1edoa~YCmE@iKJigH>e?mMfDhI_J%g8RI6^?1_lDaaiuU# zl1BK6cgt_%x7XE?7e2@oZ4%p_ME`7I)aE8d|K;F7X{pM)tzr9IP1^Z%!_yt)uEklB zN5o@;Hj@UxypQS*B1;bQ?9S%3pD5I3e{GS4v<-&W%*9;?p5IBF9XJ@S9p|@pTAfnx z^LvVp9%Bkch-*Z7E@MEO7HiL=u#^2m&VsRkie`Irl!!+n#r3Ga{`|4jO;N30*1FiX zMBcfE!?3{Arwh{8H+z#k?wRI|zvLfgI|K9Kz!RL0#7=Tj^@g3GX)MG8X3?OHq#tLa zN_27SPXGB4t7pbW{0EL7f73goojhnr>KZy}=#DZp74x4R1bS?UHDfw}ppCvB;;4?V z9*};Q*~qrlY)S#|PqBl}aT84>V*@%;mWi1;1foIOCCqxYMo*|w9FYxT-C*}I4MDf_ z7H3pdD2Q`Qbxei$d?GzOslB#e=$rab!hpx+`ul^fYCrauIY~S_cPYnHw+5y;Ho^sE zVv?v;Yy~l`uoh8=xv5OmoMhh>w7ibXNn%#sG~YzJ{k0Vf&w+ zTa7RtH(D1=i7%f1Sj}(#xR3~6jR9~xE`C|SaZp~4cd;J0t$^JgWu}}98Wxsml~`cK zXBQ0d{%Di2(F^LV-!a=h?e*ay(?ymFVSt*Kz~hotxER z;B=nGjG3uSP+meF^$M5vX@X`KiAH6E<_snaTIF43oeBrJ+gk_Ote;*!@1^zkrrVQvmKu?oIH^NfH-GU9=ny^o`zWz~}QdEqKQ z67H9d3CRS3<~Jb-P0}K8zaM^);s?oq3&ZgS(*xpGG-jQ?411l5rN|mF^a4;Hu36G+ zy%z(cO|aa!^W;I+^^V&_SIa2+#S#=)ZfH@|er0-1C*npq@>J0?%Ys!#Pvdc<^dyg@ zGxDa1J9nTt4%lO>z02XImz!H^SBg2=iDQv%UfBJLbAB|Z3`%ASF_FEH(g=rWnO8rr zJkGS&?p`7A4qSnjq(}erLfk2@xc{QP2JjGzHZU^1#MO>NJnP&3r3@#qN0Tl~tve@4 zPkFK4cP4xpPfE!8xsc>QLLUAlZz-G0*hOJrtHqz;ohGx(J4xcWoim1!U>@t0@-!cu zeqo$@zH)JJMerXRRAyl8}0-Ki|F#@YD< z&cCW3uCoyMZE$MvB((T?0V+fbAr$;IRdfAphp5l8F=P~)svTUU-Lx6&{A6ZgNql!w zsol;H+@N18-F*q&45r`2s8naS9-gI;gG^-^H*XSpwhkv^M|6g2;D0&%v%@UaJS-&L2p)^%>KJf0)wuL?uXV2kd5tyU@E;LW~Mx%SF)ss;7 zYY~)i=+`Gb{7)KpexciLaC z@weY=asYOS_+>-amQzV_@faF~tI-!OUS7(a9*EcnbMm%7P5<`8BnQ~?5QhwHD43g5 z-=U_Zpu8B+_Vnb3ks=n$*x8k7J+O^Fpum4hitq_MhTPE9lnT|F92@(}!}%V7IaqjS zKel%n8v5!|8GAB^w5HfHaNHVa()7)34}5$c-7Z6fcN@tUS^+$qzaj_`bM~7%EUIG; zvZ7*>Nw2chB^bjs(vnF7ezRi0g`q^=eBFQvZx-n<0e7196+|B`-F>8ooc^)r=j2}L z3`U5StQux0xNaswh3It6_K%IjeAS=gPs7qRdDvIsmll38y#ujp zOYSJ%z?lx98149E1KX^y@Ts4t59smBD$l`-uKw}tFFoY(`2+YZn{HwG589_TU!bh;Q)}e(S+d>=@_+R`_}i&>{mXgw z5sU8L2Ep!uZeuSV9%t}=WzYM~;iJ<{&wO5NRqZN8H%HI@wMNKM%_X?Rl2+$+@MoH^ zDh=J->c?zTLgh=3v03+kUR&ua_GYZ5NAut942rOfvlMiX0l&_#PC+va1AW7{TxYJ+ zylfnmuNW9g?I`wt$g489(oKQ8d+~?r^MyDkmb+P6f<=-EAyQz=Ep(Yki{7B~tJ)@8 z{B&AB#vd=6Lsap1OgB~qN;47vp#7WD!iZli?ZeZ>#Z$@!j8}9dS=0f%;!}x5=7LRNZopzIBzxq+kA8xis6-(Co&9GB^xMfv2&(Br1 zaAEA8weg9HOtdL#G#i|uaa+z5+rtt>^Yfj>BVkgUeW9w=Lj;zRkK?oMIoah?#*puX z$QnOmxIIu|>f>XJo;`VQS)obR>jDRAKwYrle9!c=K24vqJwP0d5~(NYW-R!MT>3WsrcLF+-*ZSa%G344&>)Xvz2BGfrxf*v& zfkb77aWj2A4Y zh{eoLuL&tKk}VGFDnIb6d{FzKtn(rvb@QFe&XP_+sD*Ds?LxfY&aud<%7;7+)gsb@ z?b3zz>2<}AoE)4XTph-bOl9bO!(v5hvM;!=9=<_|YoeOIvyb~9lVk`v{>-1=`c+J$ z!5!zNW%Phxm3K$1x0m*z0Xc7Qh``#u{noKK~}m# z-ejSg^)AU{*FAp5m+Y5N6Doje{zH?-GDnb({wG&RtI@u}2&b_phe&3^TFqVw`j4{G zfUwVGMCl#&`0ldj6kuXvritcw*|OX$e*Ffw#WQh&I1gekc8jg>5&P17@wB5`sr#&- z0PK}qOi4ws)AI6gE$v7ffr><4_CO+y24}!bztx@t%F4^XL6Fm6&o}%B>@q*6zZ*>R z`M~Tso9=vwFV4u>oOnx!5sTvGrJD6-i*Kjb5R4<$5Xh`k;$?eF; ztt_H(r@J+>Gs;^XHpsfg6<^>vf0FWaVp8f7m6EP|-F4ZMq{#M?-&sHin$zB%#^Ktw z(5XGNtu*h+#l{=ebFyikw=$mcIQ;!2e>ko7vx42WgDM`=*np z0jOF5`Tp?Ha?bcO;pAR7Xr$@KJ4!x|6t!@dQOJko?!!_bxy~E6t#6T@($Di$+w^9| z;(Q_HC;RGC6mL{gFIa5kZ_V)y!W0aqle6rdXt~2^;~cHE*zt(DH42Lq?vE}+0mDLO zx|Fs!Ket#Ql`9Xjcv3WLL#cX-!^_z@2LzHiRnABCesxp3Zng}L@v0bt!^-Z{q7J?f z%S^R_VdJ2-N8hby==Yzp>+msI0JlawO-6f&Jo#aoefBlwVkc;I%^KIqlXU` z#7i#DlXU19y{oJalQaZE>wzQ2DCfo_sq$nc&gb!)b~(T5gbAg=mS-{bm)mWk=0jKU zo97vX%R8+L_4dn6lz^rcEpaQC_@RVp?7&1R{psl>TBfIj(jH%G zVvflc@KK7WA&iHN9qw95mdx)+(V+aXtgBcT2u{8B#T8+KmB8^jU{HA_x}}(9z2Ca# zP@>(mkk3_>{s#f-nTxS@!P%pUrJ{<8W;yr!^*kFe9S! zySoC`Md)T_a%qbtqiJ=zj$rNO6(-5d?ATN-=7n5nunW8XFEugEn>TL$HKs-`ZpsRv z=|OH{x1;%+-#~ABdK7X1_y?_Dv%G@yB9^JCsho3I@Po!Pw^#y3?z5m32&;m2PKn>k zX`_TXJS^%m|5JNn%7K(Z1r1Yg%lz^-#}D~F$HDS8wPE-XWt`*w{j~KYsa!X(ICS)Q zz9^eCHwS)ukA5xpw7bxVlDAGXv({>Aywv)iy=_LRpITn2<$T=+v@1DZ@1XG#5|i~! zHtrpPB3+N;P!c)UDRupxqDuMb2c|tX!ZM4GW+2YpE8}O^!Vfr82lqJQLdl>3R@E=_ zyb4NEPd-c$GBT&*i_Vri&&rVQ?(SV8ZC8L}qGQ{g`o?fkQ4%3#C6t)t+sti!;{jmw3RHw;zi=*4B2wyj0QPc4{`#J-z_wn zqFtAaCsaI4gxx zkfK29QU{NTVfMzKAdS>LD`(Fg#gXN^AD9OR4lADh4|NK9Iu%jjU55)%FaOZUr@@5b zAm({4zk-a2l8YnVB=^Fi6CTl{fVz*C&gRX2>nKCDNAF^Z`AR1iK#aPyK6$PStZ(d$ zlDAxCc-)#Wm` zF?1ICMNhC0sZxFY915|r*A|LPC!cjR$tyaIl=(fAZWQj<;_wZrA>Up55Iqq zDT=;Z%~bg&Eb?`{d)28Y7Pj>|P5#gmJWt&!f!w=8dESpkR0A>(3e*!kU(3FD7Kn@c zf+fk_L0{PY1AopLwA7_QA+t=_(v$zI3wS=#u6;z`MWptZzklB3T&J~aRei?g)pB8O zya1^WVEb%H)~WZLC$nDB;YPh)=#X;qwzyAfCf2ZqTYrIeZZe*M{2 zX-d~%Lp5NrC{AlgAY<1<*M02(hgLE9 zcE*O)r`l5K$tm%`&d+k|K@`9ISGdwBbGf|{!!-|mLng>o`Pk0e=&X|-&Anl2Di3qL zb$v6>%RuyWU?r`QyJyO%V2DT3i!^XBe$cpG1!RjjA0#d&r#fI#Vg!CFyP~TYQu>N? z1>>kfSiN55>FB7118;L;zX>n*RD4pNz^*0pBdnm2s4t-KiZI|{@q+5~M>MA+ZSyaN z)zfuM(Fe26+<{;S-lHYnz;7`Bff6{EL;J_Xbn1x$>C-4iNw8LEmUF+;j5KRlqu1?? zrl^PeL~hZO;{6T;Nf0@avq)`X5a4N`$78ynn_I%2)5&5FeVjf!8LUnbGPH>kBi&!3 z1p;{sr;3BassWj9yA$v6B2+!pcQSUtZv~GtTU*r2g`LY$R@f~Y z*)Fw%xY>5ExC1LQR{9G3&dvlGM|^y?{2J)s5mQr6StM}UK^gQk%iVJwdf%@34v(6X z?e-SYwZvm*XrW+4iKIdGx5|nie>CXGkiF~F&B{td?)Oyr$O2Jeqs3*B77$))e@p( z;i>a|1eS9@Q&BTgQSRiM)y8+T*!!lQjIqL;o(zd<*D;gR?DSIT zS$O(4#FR8!E|49jF^H&0R5GX4$2qg{EE+**>B70klMz>S^3-j2c=p4(K$|#|x&ez7 z_vyfQ52((Kb0%jG^W zp?WkmE0yo#B&mhtEkylFwCO)15eB z;FOfgxQz)m`5wnlvL_@&26$Fzaa#qh2wcn%9BEf=#pku6T@U45q6v-}k0>zu=`;>C zwi#uw`)fz$gDb5;j%mA{Y1#kzDMUYzeT>)j(YGqxj@ zNH{IVXU%~EdyaJz$Jq?TY10$(dz3tUecJ^$v-?LPPRl5wN`^4pY27+W;G?x?ZQGg* zuy1qt{P1Oo7z)5e|4sC&*Q8nIT_%4@HHjKhP?wViwlR`#xi(a7v3@F=wh84 ze%>;i%ct=&04-}AU8Sa;`y{ZuWD{*QcszO0jJa=uHdF6ZgC@Ou6*JAv_3cjvRrqV9 zA#I!=aho$h^EQs|GOkTt{Am2k2BnU3KTYDff@$|7da($k3hPp>DD^8(hZp=(hlil_ zoOpZFulk!x0~M%TlUhGnSmy(ltHs)M0`|jLThQiuUq|@15nB!|1Ji<_VNdDpJBgY) z{MY)?er7hv7cmlj+ft2sdUjt}^`;;-od=N0or>o!4ts19q+y?bZ4J;%)K z5c$0o!frECNB8ia{fnDql6m*dAj-RQMu;p@bKZ+eFulE-h4-na>+-4p@CT=$Ws)wi z{0gCIRLZyY74jQk1zQsf4O_>_&A0cDo$GNr-3-@2Ms%o?9q=C3zxf~L3r@axmwvSy z9wShPL_FKF<>JT!MWCr7C6xb#sQP-3@L#OctA4^SWFNq!@bEL7r(6B_ zj34P3seir;;ctvyi0(Uxn}=rx&J8N`o4yX{fcNs|gA?Ii;nxuYsE5#o4$tG`%z)uXf%4aD*OQ zZ=7cGiB6$DMVGLsJLLGi!$YbS5%?Pf1eo_re#*M8zh#8q!T%>F5d8nh_WPgm5&oy< z2$1>X2F)HY9MQuvl}AI$Z7~>aK8cRosQC{nGb4mEcbl+hjwZ>j4gEgv0T67qjC!G2S28gDWEOfB2e=h~5Ma?}d+!^#OBm$kBz`oHD17OV07lB>e= zYF`V_&gy;X9~Gi{3s+NAis=?V%WN1p^9G@9dvZ!c|UY^d0I0* z4x!w>q^3>*du-f92o%@}`ye6#g_l7rM;SLi?u61gS@!x@7UpXRS_f3?(%G)c zXe<_9P||jLE*?}kIHQ7%-~4x>=m083rHy5#QSRd%U$NUMEI8Z6sA8@$)FQ2wiKnn@ z{j!`ra;Hj-Y+4mcrjibH8_esu&w@8%(@D}5JlCkXUkhNyRmZDVuOtJvEk5DuhLUvK zI+TGMn|#k^RW*;AvBcq9IOs1ei@@gpS{b|`&`tOjTzarq-dNLHhw)Q-!Z7RKu$5V} zpS~K=nuG;c%>1XK zk+6;%l>5F-+|N4C#YeKH)ef~2%sn%c^l0V!f?$&mniCn%{dd`EL2ONhdc?g*K?}mjH*h73edC)dr6TFI& z1Zx#t^Va!=_&#G7nQz$f`gD{9^N69`%eC;(GZZ7xj)C~oH!Rd#*PBQdohJRo-s(`ggSZtZnj_n!X@PgC zjfhw1rATnxI$!qBPeNE{T5&q5ijS4#G>QXeE_Zr`FP_g3|2^h9ngl!HsgFP0Z*5L3 z;7OK5kDR>w?;}Iis1?R8O}}?|K8q6w{1nR>6HaRxUN?DrG5g{k{aviK4}Cu&+jGee z;NDg~UofmS16O?caTT{gkSz6lu)$GjP%z++T@zA-PhIC=YMTgIrktI5jT_hbF^)92 zinsxyL-jq08|x8e^V=rVwAntf;ixjC)Ol)bGj~lnfKqq1@MNYMBZRd>{0$sM#3(gz zhL`oy=7599%@SkW&WO;eE~S{C=@P!qaqEVFDDd3x>1Np-@(5w9_;+B`cnut#cSwp` zXPkE}bt97E`!ZFvV9KcNr!Nyy^lpiyXOs4dEUn$>qRu%o5Gg%BXp?FFwj$)j54w@b ziO;N4nx9|ibLFL95NpyDZ3#CdLVSOO@U&mL>`@f~T~0e^`fv{YE{}w`wf9-SB!Jal zv)=ACMj1Z1?38b@`aJOb<+DwD-fS_YcWQ4WJM+e+D%s`zdVz#u9iWqaU5G#K_kjvK z1RmARIlBp!Sj6Phl%;wUkt&EnL-eAs{7Jjp&TIY{fci#*pB@7D5u3P&R^nST^(F5e5gxmI3aJf`QMhT`?>oz6p|#*U?u&w$I(HcezcwI%^be0I3_o!`ZUh*-9-OOgcSm-O%%H(d&)M{|tKE5cHu=^}GMS4YXhl%)%dH$ki z`y7%#yyDZD_bZ`?wocRJBQfQJhU`Z>ex>kDrV*d(G*$TuT1}IJWSJP`nCq$#UFT7< zbZ*y}-jBkw^4X!I=4Jv5nd7Mf&X69nS4u@kN0MllQ*-Uv8=~1uy=N-c8clKR;|dCP;~HHX^{QH- z>GLMWs=f_jkqgDFeX-`-| zR+~>mljkQ5*RXRP=9wxkcJ@l1TlaygX={P<@fWX+pWLZBlA2wHI+*JuKy@etk#K}b zsm0|=oR(kdeM#IBf@yoUy7dYd ztK$K*EEz%$_HNdTkqX|kqyk$Y?QzMiSGR@aE5v14Dn~qw8goQVHW9#qYI4iZ7OaUm6W-r^vaBZ>yhsN<9IfvGpE$r4VTD`c?J>lz#5JD@r z`+6X>`+~LotVFpfDX#UV=*k8L1?>jGV@y#6hkPc421^vS8)_CP^Tc+B=cCOV8D9JJ zEwG{;h|k&qb!s1oV#u=f=IQ5^!^nlO_x0g56yhUzX4Qh$p*q?M9dOw9+U~V~f$MV4 za?N0<+U2RVPI0imPh?hG?_JimRA(S}e+YxnJe;HyK(y`FmA^|OXQyF1rI((KrHOc- z$5r_9JD=4Ga8Y2n!lx`JoP3ZlyIM6~Z6*6ixvsBvPN1BIsU1~ed!{y#=gS3M%jPQ# zhL2l?c(otZ3x&rozF8KniR;>qX@xu`g#UgLi5x7*DNBkrh&^;txrtXY`zYaz;&%In z_!~9$l3gx#QG+V1kG+ECcgK48Oq0G%B6Bjg!y3a#5z)f72KaVzJdh&h?c!Dti6_+( z>f(H$SI#c8>>Oghd25V&*S*^d5t|zObNutpmDPy5qUWSo@Y&0_gM@APayF)XR@dA= zaCW)Q1!Q{PP3rG_3N6&{+iAu^U9je`ot3{e>Fg%slCPkG(=^eXFdD$3x}P#gdF?g`+jof+Zw$&=_`SCSHT@P{oo_<- z7%d)!%oAIP_iu0N$=V-#T&aWCd{{gK!FLV(V&iuM|<3%$?Zk|CL(pA|{Djj`As&$)f~_TXXIjguF;hfSl) zW&ptQjD-5A@MHHAuu1a3T0X)AUnL3j2zh!u=_B*?+6ic6jBFOCFX!ra<*NtY$&Ege zsT9&CRwSRV^tHEf*j-zo^ne;uSRxnvTJ8=TXfr(4FVHp1`?v?5UU&S?@J`#=%N4u` zp=Imy0;XQe?8qm6dSzbK^jYp=dLyR(XPc7Jr0B6m_QM#D9{g~zzen5tv>jG2n%pe= zq!uN3T{o2{pqG4h7&a>O*ex2ATjKX-j<^$0dw-mAztOxQqRj2uL-+V+aeKI2P*lTH>?i&V$f-imMCNklmdH@A*GR`~_G>I6sp#m2~#z zOrQu(rFgkH9o6|GU=aDcq|NZ`=Z~6%cbdNM)rwwzGgxmPiB1_%D30=S(pLHvS}w71 z6r8U`t^@MvxkGmF&V(X8aZ^$N^kir`CvRpZXbnAKDLY9SZEw`XY7Vj+-**BRhaB2Y zFAHo~^}~!`nfb$RK*m*0_A`tXqBm3%6?S;!c_Vt8jJG!!=w{fG#wnv~^BaaA_IX@~ z2=Cu{(uya6gs(Oyl|=8CgPeb2)%x_Duo5j3QLtp{UO?f8!}p@z*F`Bdm+v-+JVW_& zkX=K{XPzR(e6Kf01zj8f?gvSQRJWZxSF1OtXTw^t=Rc;ID3(|*Y(D?>{ zpN`Y5V*OjU0YV*?^J>;vZ9Vh~JG&E@%h)T6C7fZu1W#mw6~Me&<*3XV)GwUc@yg|2)`?8K5b? z`^aGKyt_i{clXfePJ^|)Nq0xVY17c`*&}L*gX@IMxzlm_%PHtX7wGexGGr=Ibtr<> zDw59ZXXZTjJGe*tbnx*r)&5(#XsLl&q!)Ka(TTasWjbY+y zYc3?@k9TFXkO%Lb89{xD!su#%!8_jNVUeafg~Ept3Y^c`UEtEY+Ys7JpY?%(FvaA1 z%|Rvf-TZ2nvfYPp)C!@C%^~a59e>%k30sO9g88jyo5Za0TCP;3*|C#-F;cm1HR6-% zIEFq)dpm79_8ua|-cf?^!0xk2k~+s+r2Lnazkc%XobSu9!fU2+x@++z;A}m&3!f=H zNHuH`fHj`r@6Np#U$x~#@X#~T=( z5A|-ohw%L}u3RV%&~R71YrSEp;1l{^eBh1#dwU+Yny~I(d8~>MC*VM7AY-C+X7h&B z)QUSez>Hwi)+~k&W-FEDR~fBKWMN_QR+c7UFZDTRV+N)7=m;JLgDM?1sXkrO+N+>! zVyRj-yp$igZbt!8cUURMH~ioIWaC1Ico-X zoJ*=kht&+ra%|G{miZiOY_>YRYc5O1N_ZqTRgn#feI$ zU*Q!hdS8!7?BK|M52(dx(`&h&S)mWpa8M;}3+hcys`mZhzytR*#b-juMyLi~{?dUe zZN29-;x-66N})WW=#m{51r8BrYmzhkzBl3?#F^uQdh8E04mu^;m$j|^D9Cs`t*8iBB>?%J7?W?Z#YVK>T?7C! z?<}S}s|WhmP7Nvb{7hvP+{N+tDdipf==j+JN#^^)|!hyI%$A~ zX&U%mN-j=hac@TN`=Z2?(~N7-%&Ny1eqF)ic|gXU<4tY%$`5?= zrKUu_YR@@1qiJx$;@eFPLcSY#o{vH(Dhf1B66@d2m97>Gry-fELIv zc3>?dCFrYBUPv`GX*3@<3hzAA^7RN&Q1wT+q4&&vDAq~?-t#ieo9Irh7ZkMZnK|&| zgr(`yDGJ1Gr!C2=kXGal|JFsRtH^L%l??n&K(}e+PtD*s`v~YeexyY_x%lx;2Fx~e zK-W~jX?j2^ykT@WQ-ayG(X?}ThGJKJ`nwg!5B)V7B^}_lqJHRG(Il zw&DDBKJk;!bp$3P*?~}M4NDBQUt8%^dHQIzWd(fV+jrt32&gmHH? zK#Ub0GK?iP+=G!)9^br80qKP=tCOW2`7r^W_TcZza_&hW^{a7D3b3^e{k9h)a{;dk zV>HW4LARZZ4qz??nZlOQ95_!*@aR%k&mpFGVpwZcU72Hpt3+cNBk^uu7u?`l`rR3g zwp?&0Mm@LYhdj;5HMe%{qkF9wmhh(h!aPe!-E3N=&kl^Z<4QkJ#Z9?zS%P`JEj+B2 z>8ML?EI49l{u1K%`(&Zv%i5<}Q4y%;@}BcE%XCs3ejA5=@MS#@O~Vd}uB4d2M8}Rr z(^8{#WGD;7CA_%Te&-tzZxYp}L=yvzcUO+)Td!mgch|P-JbN^sV?mfAPagU9Hk318 ztM*-7T)t$!y-d&L_V(Ze0e;JAlcAR{kWA@i&*<~lZSGg4KFIm`7D3mQb2ug4?<}l} zA)fV@sXU6aFhuA~EzSIhAdOJ1SK-Z9vFZ=Rk~KfEh8!Ng-4n7gg=c}*Y7&?0mS8vD ztgSbLquzQrkCA22jr&R{o{iZ_8e^^dhya3>vIO#iJLP)%%tt-HF7$RH@F&>blwR3aRZr}o8BY4 z-IZMeVWLl#sXT4(^}rVLnb4isvb#PdB0@rVhS1o|N&&!aggv`(R1O_^v@nrV5>#6@ z!qbNMPIdbBK5sH~{y?Brc7zYWic$nNLmIR@-{?gB3@om5iC;e>18 zh6DMJ3=$tHL*R6~9A4pwR*mBQ=~lzBYLK#UYi_rU!}9)C1JP(Yzuf}wN!!)(IB^GR z5jo2&rhRIa-NJ$jlQhlcOJt#K!l_>r@cSU;hV4I77 z|AUgZRkI}+la!_jYpOB3P$pSCj`BNwj}<>e_^L6}*eM8=%wWoS`YSoxx>L|Qx&`aS z;t;s+xUZRpX$w6Xx>?C&GX;y(o2(y7@;?rxgk$3ajhAyBM}>v$bxs7YFuVO|03-BC z3S7Pfw;Dv2xjA|Bd-C4Ubj_8Ak6o8l6SceWY|n{(zO=_Q5ubw|-U6%psjZ%sx;cTZ zoLLdrm+k47$WLoepce>6&p+xa`I?)A&X>*_X14a8R+T+i(;6zxeuy(~2Wz*g-GkhH zWR-I!_~?_WB^*WsOo$<-E!J|b!gY=phBk`S{YoUt@3H#}%lo!j=c*oCOv$0vE)$OO z6I2VY$N5rBGUMcX%{T)vSZiO)(3{E>pKm-| zGdE`p+1jz7HaPE;e>3G7FXlb8l~qnQ4Xq&&%#OwRvOm`WML8-?xE7=Pwqjy$WqU|p zJFSVPlAUgcL1Z`8kU@p>(rjRsn}?93rQC;(=w2w5@!*pp)1&QtNVC=LUT=$r!2_I* z^`Bs{n*Ig<|EF{d$*yS<%C>oO>bFdE974|J$AH@=s()(Es>d-L8QC^kE5INGz_Rh1&y~`v?$Iv zIuE2)gS@do1b#6G+os7febM&YL0wVOkT%mgo7vJEFOdKLMc7-%Rkdzy!-^7;f`oKQ zm#_$FrMo*N7afakLFw-9?(UTC?w0QE{HE^xJkQzZobUJYCot!{=RHS{Yg{+Xi?;VU z+2l)ey1zE0mpy#z_V+gc%&=s_NjD7x*YjFnY0Kq)yQJaiQVW@Rc6uw~)XJmq3^|AA z7`K*aA(wfTLmmT%bEy=$430@zapk8esr3?@%_>{I(K zEc?C7`{i_V^;yj&2HU0n#7Zb6dW|}((QF(yksZB4`>|%LpBdYRXpOjyLjltE^B7r^ z_N%c=88LhWxtW>r0ZNeB&7ybr6}E0Vqpg~r5cvcspFyKA5Gozd)tV1ODxcxi#ye?O zF7?8hx%|fg?57#Qx@89u+o$9DSnWIOp#b^xELhC+<%%2meOo%`MfrQ)NYF(xxKpE2 z?SA(w!OF!h#{nu_zlSYPSd!>_|2MI$9_J4T43E{OK&JNmG$OPu`t4%^VrB;>g9s@EzMXjM}b8fu^14;fu@FOF>Dab5*iIhd#B?`zQS zS)ZUTERcjNe8QitG3r{unQ2UQrU1HhzR8=84?9Vrt%=z+R^{_YH0i&xxl~I#5*k?N zoKl2K7SArkGEuJLyz7`dAJ*cd!QY)KS}c7;{l(9#)QSmZCq5KikJpx!$(Y^7@%Tnl zFscPkXpWRT>K+C^Z26?r%J;Of8oug_S9T8V$QQ50>nwpkdWNw6c-^=FgM6n<^?BIG ze~bvsM4U@LzifL~hn3=FvM9YU%D{X3_3nksu*@+lGKg)`_*wgRP%A&udfVO8I;@!& z!kdBz%j;k_o~p*}6a8#468}&&Tp^Qqj-&lmdi!Ae=k~M9Q}hVS@WPLniCL(O#3b0r zN@NqA-ugpr?%O@w$lob;EYHJZ=#o8(li$l1-^LJjlR!YjEwF-Zl*8Z`ni_e8RX%#7 zqDdf|NeV){53SQ-cJg!4ifwOOXi43k2sTiPU!RQGY?X{}zWrf}D$RI>ObdpT%lmgE z6eGjro4$E%(qU@*1I$VIlB$fG4OU2PFAvb&X z+shkoI0__((j;#19bv*fAC<<_sv9m@8hXEcn+!GvggjCwSLyxJ!*t>CW69x8+`|5q z#;bm8sAtJ~2SJCS!DHSSLITCDdLSdzi9Z@Xe@a)4I%>Xq&Q2n3pl=-0M$!sSV7;`M7OB5)k6fXrkI%f?ORw?bFho4rcmC(TyieM{KfrFVa@nx zW6X9)N@zwO!vif!gMq8jW`bMpgWFq?+S;Qj(mvIU^IPZ%hE68+vD_&oG*rWCn_q*i zJWfwDuh`I-5~yt+q|KcHJb2DveC5|SEs(hw>|2jt z6Ya1vZE}O#_)m;B5Zx5L7>wyuYt$rrSf~l_Uxi4BOWF)>N}67l!ol0APd1&ZO)5LQzNamgvakLqN7~{7uViA@^mZuUa+gs(KS~qN&_mYr^lWP1E?F#K zxA|%{06XeKErQ8_a-QjRy%HKvVRi3i=T@|73_;^+!s7aA8svnRKGKqqZLy$=Q2KxS zHQXa7GHnue)|@3Je>GvIiAt=LxCHn5D3*8DWfOtUsnDwQ2y?wFN^6JrSxO~Q*Ri|P zX!ChPr&VT-;X%|`X*|{cl<7q;WaZ_xD{T8BUInD1v}XGLOsN*A#=BfUBFI;8g+b|v z3j+lKXl*?o*o#+<#Uiwr@{n~r6yw=#kgf$bfyPxwr+*~R^Fv^8&8CyWnIQ&SWzN|N zu4(H8GyYEc={WVsLhUhL`4B~p0h8Hv$4~6zrpKc!2XL|0MQC^V`Q6hJ+jDe9Ma1DC zru6c*z^~QoT7d-urSHB+3kc=vXl#nh*GZr%3tb)c!E6jH1})n`w~ys~#TaAUNL+Y8 zd;Hro+yw$zMpmo}gU9(4mW#GJ(6#t@hb<1V|JCjYb$W` z6>yTf{dfy4?0+7}iCw3#``0neY_CoG4=|9iO>78z5-1Fx$XCwbs3tmNUb_*#MH9Q9 z8l_=okg50uytsHmLC7R>jOXX~x z=gUs}jnE42!dXM<`?Z!m69$M6YQqm%@EOTocTp->1I8{E8?uf8AhVC6Xwf$*HMSK9 z!$#f6c|@fF9Ie;$inyU-XGS51pN8x{<=LFGwjWa#>}ubVCh>&PJ1E;((G?y??i>UO7=_rT>Qwo?tty+Fq2vEI0` zF6QpZfDh;!!Q0$+u1iw6?I%oV5Dr-fU#V&|Z$?WA>*mgW_hye|zQ2kg#RMn6`=t4* zAx;);`_OTG)#pk&-2= zn!eX4-VKkBc6YhFn0Z!duwdIWbsoM;a=}cMZn;ionk|?ASn-S&R#_exm4KmN?a&u$ z`M6TaAe~}2Mpxf*9gX?B-IX*34BhVzV+wV$+nWdt8}Bk_K#e6qW_o&rt17$MyRug+I}ShYNLN3hFDhdQSg=(6txwo1<_BF4Gs#z%KDQ4h6u%~>iNYV9NpK~FWGSu!%Amg3*t)snIQXy`WnEG^!_zx zN(!J%)?Xj+;u3@Gyr?q7Ww4qT6d5~?Mekcgu`IXgFJYG#>F)hGG}2?+@$ z6mFn|0;%^kiDz9t2^A|f7cE|O5L{?b09_8k4}3KGOcFLKCOC|>tgRSe;$#EZA|km{ z$^f9QO$tVPQ&{rxq8rtXdp~TDnw4HhE?>>81QgT*rRd7jtPn=2bRkFpx zLVvySvEu?uiw}j_J2rh^4ozivRm4yHW6@su`SFrQaq9*>VXKo7TLd)5woi9m-j+hL z!1DM*w-8w`BqlCw=bh|TmLt?ua|BI0L?CfFif=t6e5VhVp#fSd3h}`& zm8fxmmlCBkNEZd@u;SLuj#Is!<~wnTI-3F}<76C4f0(?)dF2u+#nSJ~a%h&sMN)Z& z<0P;t16Wg+@C8bI?k|vJMyvn_yR40akkf3x{(`T($8k54Vlb&AMerAJgZU!<@E3fL zn6@yY*#3(aU602-$?b112tx}EbAOXVBz$CVG`E_jivN-xO?p~U+k&AnF*ZB|U$?u1 z8>U3tb~Pfb&AW*j9xeP%bYZSoQHOQgLU?!*EAgy z33X1zca^S}n?c0-=$*HX^L2OVOc=flVM6#}MY1!Z=8N$A3`#Ab@n>F^s z&Ha5Y)(nW+W^5&+c{2#xbR8!qMXpaUa<)8>WF(QtpSXSr*xvjgM4O8~K97qGUKZ%8 zwY7_#lQO@&*^LBpVrhlccU!I<2jg_tVXLcQFP>jKr}_Oj5bHYiO@9etg?Z&Blu0g9 z0@~s`EeQbz1qE|IEOSy*Q`0tQknzs4X64nSqpwI4NMi+Z43Hi$XfuIoD_T5L{cxhR z_;uK*?pSN&qi}r}RxVFNhAd6iZJ0DAXdfe}O~&F#(J0AH9T5#yBB~kpAbR*Ex0n-R ze2Z@Fx)U@}i$(zN2U^uwU?gc1{$W!F2%#W>{o(4$UQ5&6u+BF*xp~QM-)3u@Ui)&V zT#0VB&yC4CUzcn_jY&f?h?ZWXNmtKTuF++NF(YbZts@11u=~8U;8#r;h(Ev1$cU&2 zkB4qt;cx~q6*r0g0)L;gAvdLy3WBqBAh}AirjeI_g-6SvmcrpqmlaX?-t+Vo{;WmK z3+>#6neP9)%IbBErM6J@l zymj*swdK zIqMW%j}#IT>Io&BnVI2r9K6V~F~o>oB0hLqg#dUSeX`|QcJSP#Ts|W2_8>P2s90^c zE-Nk^_i)|4gS(;xzZJ7!1oeF^NI?{^W-JhQ_Wh+^!v#?nrD-UVM^zRz#hxoj$o@Ap~Hj%OQyM&y>w?E^pwNoPQXX#7*44lBzW`KLpafK*~+FS{8uM?|x3l0fwm-r8oa; zRW-|`fsYoK-RV|vA~Jn#ajD8m^WGP+pTomXF}2^PuxT7hU+ag>GJ2bpHeRt6mue_3 zvgOT0@BI!A1LL&PY=>1Pg&cphx(RrzjL$8r#iH(QJ8$3F9ZZJrr<@AfnSB}gMfg}e zKr0$-D||Vt`fM~>S=(yY!SE_LkI%aJ4Em)}ncYQ55RC=S@O_eJQm}t7p5)(l{c>y| zUV?VxqX}pYWRl1^T3YTm)0v@UFsWOM_pZ;es$h+;>mAh1;NIFn+(}s3=*dZ05Dteg z!!MeFx=B% z9deOY?n9s54^)rCgU~uU+A$m!-Q#%KfCTaGb#VD$1JlEsmqtOwr6rUDbQDqx$Ig78 z1qAeU0qjY&#D#3e_Ys3wGC=`>-c+c!IFVrm?@OXn0orAPM9rY!Hi6o7Ad$H8$`U5U z{V;=VlkTW2{CQaDWp8jDt)ZQv!jFkfgpxid^kt6^LcOs2rqu8V2sRK1+EVFk-4DUd z2^|z5{{Ni%TPKNj$9iG(!@f{uE4) z!T@#j*{$nCk;a3nwABH?a+JpV`y&0|f}LzmJ(@q){7FXOv0>N;GWyVH7BV}qU)B~h z4aYcQN2jIku>6Ki#!M2d5q~cN-nZEnYz8O_^k2!(8(?y!ud98wxBIj29?=9^>-Sxr zM0q#1&h)=8#H=R1#F5b7!gPWWn!Cwy!t7(pcPmnqqGRJ}ZW|`sk#po%sQ;#L{~lH~ zREX7icX$@QtMP7UGf4c`OgF2N&p0s=@I#QB7osmSp}K~wo5=JUm=;lGR#i);+^|TV zXh7etXYAV+-$TQ>9XiaAV!ZR$%KQryIC=KPA>Dh4r{d}urN@KKaYt31x^12x4JkL-h6g{xzjGcAZMcTR8f zW$d8FeJ@143*Lo2S!H{yH@=M(w0TOgeg#VpmTtPd{DEsq@TfLJ3QeS=?N1{FdzMn-%J79zDQe~LZx_UFBB=@`B#c43 zSPj#}yrz1Hk5D(jU-?8hL=1{Iu|)X$j|srGMrzIkJf>$y z*k+ezU`6uXh4ExbOYpvqPPa`g^#W8OqTux}EhLM9HJb1F$r`9)Ijx`n0#0XYW!)ma z6&apBT)7HwxLR)YP&1Z4ieXSHk(99F%5t~~r5czX#C`ViDdZbw+Mi$lz9gN>Qz<{= z*z>DWt$X-tx4n~tHh*%FDYS9>YK6+`{HztS32#y+zv7zf=Be$jZfF>DUTmu3Uvf&{ z+=%5Wo)N_*SC841a;~+_m)BoiQets$zQ(W1CzV>cXnk|{CDLX4C}qKclW<6N3{g-{ zBWg%fTRwEnvEk+m${F>)N+mobC(ZN+6uZ12k(&tNI7JSj7iwf>r$SBa7pV*${<-R&`7QfG~AM!mF%#^QpGNh z)pngJl|@Vm9%YUG!!cyylexo6_u#Duj~qHpSL!Q!9F$9>&?~kn$IGdBXU=Pa+4Oqr zs{?j<@H4m5QMy~MrMjBhuCaL{BluU5YGvz#{?;J3^3XW@jmd{BeXZ87MfH$hp*EOL z+~7ARCqRp>(hd&*kY>;5wY)!e*uI$-WOyo*-<~Xw#=*@U;x5yl@?4td<*Gedi~kJY zGVH`G%TwIfXSS~v+?-*Ji&XmPe17Ji}2n*gA8V$2clAHgd}NX#24iERDqqgDULEYGK5$%@#s?Y> zs`}~9R~ZvFUp|a9;zMg`JGhH@G>X<_D z(}S61g#A3dHXKeap>rsyVbn`)2Qlpda^n4_ToKfif~>n_`~f04Km`sk0|5ttDB zf;83?V@_`POA_F-%k-+cyQy0QjMNnS)+F9Hpx1O~b((3np7kEuj*#4ji*=<`{&-8X zH1+Iq8_LcZVm8evo75W0_blb3Zl4Izb4A6DE^4zGa94HJFE)T&W4zE&b~xk>*q|*7 zN&e+-J8zk|O$curp331P%v0RH9@AGbLs6h@X~hus6;h+Vp6$(cjCpbj8kE_XguL?_ zDb{Gxd$cBu?Vqk{y2z|-(FX6iv6pKyrV{_ZEnZz7`AqQctvyB(T1lQPmsJ{T9+^p~ zbNCkMGvx+tD0zP->oVii43DwREE!$z<;_arkp{eJ+sLW%vW@-i&C#3n8G_)i(6YTY z{6OpI3h3TC_o>oXgM3p=E41_~r`a=m&*FB}&)pYYPn2RTRj*xr@cw1{_cCKEHxROi z5!OvIurukX`SPGGSf;{l<>~`o|FJ|_5Db4E3Eo?czTRF{Ijz7}L4!1VC4T0@?_+a) z=$BZ(XF%v=T_yvWQ(y8Cg9SvRny=mrtgt0FT9oO>I2|n^@=za?ZzFPUn>}m4qZs1W zwxYmoRECECAetXtyn8vj@x5R5Gygr&2>U)A*s(6Lbgn^LyrXmCxedI{Ei-f$xv7A^v?vyY3!L4ulJ!3PkW&T7Q;*A=H z=aOL^E2x=t7LrJ{&!8ZMJdT%uY0cuBdL!adH{N>64={(T3Vr`TRlGSrl0K(wQkPxK z=Pc~u`PV?IaI?rcHjxMYV}vd0MPH+hRh@v!qyr+InmA+YWSrpNuL!1PBS%j;fZWzIF8Y#zo-keMVnOl zwNGMcbwN~;f7Zt50{L>!EwxhBv}z{tmU3mgh?jkUs;^$(^=rQ+uLq<043{ScU2Ac7 z2P`>Q<*P+H+#>46mP3AQ)Rfmnx!E;UiYE*CQ0@kt&cR|b?7zqK24LsSeMqS2 z`{(HrY#H1wpWjwmN#S_ULTA_QdR#Z(n0|V)hz$ysUW*)^peKXtiIp)wP_n zzw{-6n2^@kT_g8HYYDBKD})vm_W@3Rtp(24Q_jZ z^jq*C7=HwhP?Wucl&4{CAg|L-&v_Og%?qqpRJY4^*dHCK3f%l_I@@PbT#%%&WOiP_ z;WB~+_n4(?=ECt|vg0+emhHhRIa8%A&M$DB_g7!0#wx@63fMhx3nkzbtDcqe9p_DgECURgG^>op*i7!()CC;3-iRO(Fm1$|T!n!K`5FXX+k}_g8@*SOt&e4qAr!twW=3f|Yx#y?fqHqb)*;I=n`)och*riNO4C{{3NZzr%eXnN>`pM5ie1)3()|xxJyrA=c>! zB(`_%#XoQTY#mccs}@*$Ufhv5^(TU8luXdG2(=Rr2yB2jqi6;8@SfKUYU{aF{zz?W zvv5pQSHr?Es=d)DkmvB-QS9)yWt`&D0q-c`NFQ6TGfsY*AJCnv@ECKQytKf9y>_## zDat6K*_MnQRu`kSo-kl8G~%Er|2Xzp?=ZtV@Z^krfOXHY66)T0(8gZ+3-4hPlMAtCj$jz^gAQ@qc0uNPwTW` zr%8x1(60R66EB;9gsfsj!-E9Y`xRuw&NbGWSAoICS;& z%xzhR*;9|>=0fJTKi2hiQEd&hKA%Y!6O5Q<44fHD0>@8n71}>GKHn%Una@5l*m5QJ zm*)~u&Zl8-MQv!YvduLguFiA!oO(Ys?$td7!)cr7X~ZntiE5K_YSj0LsJpC$1Q!~X zS~b7_`GMxEd2(oI=v9rI>0w24gbkj>{J}z*wB~W%)|VmgXMz<=>|^zA@jQ`F=8kIW z$DJjbjjU$N={017^;x9;LJm#)d5wCdO1e-21AjDm@|Mf&4=fniY@YAE=<~ zug&aOY7!Ifm4%d0#RrcgDlI7F=WTor1PF-0MBt_Wlo?kwK>_+HicC;z3mwIZ({|9S zg$p+gXPzcGs!uH;Goib9@{57Ir6Fs-ewDlJ@&vxOP+*xRFD&4oy*TLRb$`6*d9`08 z7qv;-$kFq2+VE-wY-Y3YZYP?JK54O91MDE;qKkiOu`woq&4QGU?8{a(TRTMCSsq1s zZFg#eEP9#A(gkiTO|G-56o4f9sI7@(*&X#ZlR~Fk=sydY z)=DKx_!x}oAhOU67q6k!GJzDRxV@eXsx#WEpBxT~;2T&ftkFhnPV&2@41glHAIbra z;>pqe5g)#JV0{S+t4x25IQl!=|Kt9AY22beZPVtalLn*NTb2L(srMyC0YXQx8+CyI zgUK07xfICDJ2yRM-~DqV4|2e&C!zryTxKRsyI{R_p#7|7bQx7yR7Zq>&{2EcB^aY4 z^$vH844{b>_QL_cZWedW#!SrS={9Ig7%>E>~Ef>q?joF0wjS&MOIvevEEycx$ zR&2RUA4lYc7p7a{>4J-`}TE}WMtQnqqM_rU@k*4e6 z-I!psgPR;kVqFVvPak`jDir=g@o zY|VT=>TcZTH|`%1`8;Hy*_>A?F3d~78GO(JiAf=F-yQGsU-<4N&Jm{Jk2CB)eg2b0-eS=(X0Jh%|!=xBj}wU-+>H7~zp$1=DNri0>z~$OAPN-29gTTnTWZBlz-WLg}4kpr|PPTKj36EmB@9JCF1U@!Ovo$V&OTZk){<5dDDp;R4~)&5(Ah zgmNO|;|ey&w)RHBNtx2VNhf@uw-K`TK!0fyYx2RUIO37Es>b9we|J+fdXx3z;bm;; ziW6KU=vEOyovk>rUdr+?K5gGx5{TkG)ee?xP|KAZ9%L6KMVhR-w6vdd%wp~^zYL_3o#>VRYPz4R1Gy zdmie#=;$mh2qdGVO(9GR4LXnAbFg^yD`#a*btqI(30H@vjDrf))}KEzwvRnT4Wp2E zjbY46Qbw#dkEF8Q$S^?jY9k3A+dMELWe5`{)PAw?#g71Ob|g62MeR`Dccng89Pten zYv^*96ZNUil>GGAqEBYM{?^@(4R8@OE~+dYR#sZZ6W-l6<}WnG2Q)&`Hn%1xwLa+? z+E3jESVqmIY*ua;K5~QSo07L}kH;c++a-j;`(nN~2wf>}XpScsU`y}~TLHmf=5^Qy zaAz$dmBh3Q+B z9tp#>)9Sz+i3Bd4b^&zDrqgbK8SSEdyD*0k2{8-)L^V6>Yhyn;*g?=~KAEE+IJG9U z6p^W^j;l2}b#TcLQ#X~qQ#l{VjB;$&&eo8JQ|eBu2wRjKH%4t3-fMh@*jKmg7eG6G z-Pagswx|-DnH;1PixMQ3)6kc}V$4;WUlv9c|lFhk|Ht%tQ zDJnyBd`?{qD3f^Y#FaET)3f9(kOERSeqhMVHi?g*Z^(`)%E}+WN3Snt=;KAprpGPR znDkR;NcKJ8W&R2leHb5mREL?~RX|M?l%JPxc-a~4`V_mAsu{3!ZQmc?Sq!BY&U%MI zBRx#EbCFh)!J0>ID1GQSY79SW>f0#^=jS=H&vOxb17eLuOPP3^B8!b_RINMYf0)bX zHb5!s^rf>XLf%3x?%|}|QxKWWC){Q3WHyH#_GIGfH2O3NTT`vYH7x27upo(kpNw2}=oOao#I>8xQ%@_@7^o%z8@(WO6?d}do;QQyKt*o{W zE&*>FUqmXcyI*f5TyO2)lzD9^yJfge1e{6J^E&r)&qT^Cst-fq%uiGv8Cf)ytuXP( z(Sz&hDw47FI&fk>M|4+{yxV67%bW7Ca}`g3>}*%BDqh*oUObIG7w=rRy`bjEoF= zg4w70jO^dVWsmc6H`ZI?XznXZgBgU0@$p02q3KfX=LHEn*W#Qa9=9DSdNrC&1gNK! zX8q~K%l+Zk3*;5iBN+TVSUV=*B9E_KbcPz$l&MO;zUtMRFRvNfOy)k;IIZ87nPM*n zMfe!C7SbpeC9yc10(I+cx|OCU{Q}bzxY+ujB)(%@U(7vc?NC#(%u`)mT@hcFi2^6= zpA_4Nt@Zaxs4Zu=L$i@%jFLa0Y?#^yPaMtu|279gGmw;&bP@7??Rt%OQ*%$7q)*4H zvOmCF!eT*iT0lvM?NK;VS;8wRvfSlVZ{!8#2z%r8w|LVKFshReL2L_4}iP~ ztg5LwA`4d$OQBme+? z4;Vi&C4E&+chfnYAld)`VIZ1fV+rcWTo@r(2?L9bGjW|z|CdK&cRpr_3n;KgB}=f& zVDze{{xhm4+&Cx?Ncst#A4?)Kbn{Q98%3s|AWm$8AJ@I9 z8d(Qy+}9sb-E-pjXCB)&&U>J=e*h=FBsCtwt5?0g=DMvw_rweU@K5;gL!jJ&LBE#A zer)*m5v$WZwRg8B4%MA5>4tIfzxEeFq;j^K+2fwgD4N|#%DEljqy!99bClRv&?gf25<~$vFK~x0lB)5$^1^?IlFF0oj{p&h zK_O}Q@W%Yx8^t}7xq(5Miyb~>r{Xir=8>IBKuCj6iK=%|pFQKlV@lRMTPaBC!B#3Z z=rDjU{8NtuD%*q`MX?xEf}t>-SMPbv5p0;cOi9qe1ysIGfe+~SPp>=@90~FLiHtoV zlx+9X->Wn*P`VZ(JjokdD2TuT-(KSUZejzg``yGwf%r)H(JIcusEobvkTeT&d4o;W z04Cv`YgKP@o_|k;Zr<>H_G+ElYNZVq#U(5TDjlv%{q=uS9-Ua}ac5|E)$BFFk+x&+ z^g2?Z(4E|YSFg*VxTSP)Z7-6hzC#-;xxwTIQv1?=rx#bg`)}Vgo)*86%uHD(T5Etb zb9*D~)lhCLQS||S)>Z!(liL+&<9cd>fLgNP=|^)|cKLrxRdixN{sQxD;R@vjdXzY7 z#6&*tFN?*rKZLw?dp^~E9R~VcRQkJ5fFgd^K?~MHt>Py0Mu*ZJ9RoJ!w=VsudH$(R ze;MvwP=oV>4d8jn{vFu0zsf6NPi0vskZBwKK-dsnG$`F~I|%=NUm%CFFp4fDBDxD| zdGQ~Y`qY$;r{Jn(zv&t{l9?Zwb_kmf6?hT)qKje~>pzzel`M1$pGYJ_-@!+$lSRbh z($*&1^qF!7ndh4@;@!?YKt2i>g;#Wh^ULNcd_wn`MRLr#xTfM} zVn1Jw>&-L4Gyg&ZWS8H*Q zP21Cv{;>z~uCD@_gJy#=l+o%h{0u6jF63Kai$^4_YLj$=Hy}BPN>gMqofnTg79<|t z&SInOE?z@#6KPr!rQKiD43J^Gb> z`Ta4h=JxCEzQBfoXsv#Ep>{I9tN=74jw# z7bJzh2_O!=J?HC^Rr*oKKmBvvzB2{yhHR^qc>G-`qC=)XW&j)19YB3L%Ws&%+(7qLwc{8oKtVVqlWqTs1TlJ}kn~xR) z0U94ZKEe;6?!U`m?_Jj3N9FqKCp68TkWPjkESQl}jjXUTiU?iK&_sotJ%l zRwh&1%|rU`IiAsCjg*e>gJVV$mc64~i-(xIpWKHSl6pRJa$XFi_~`eASbFyzS;=yu zzKby%)pFq?)G=Rk$WWLWE?%ieN>Lp-kTCA~?I+@yga!8!y_#j z{5=YkATb@1L&g+Pdb;_lb;Kd(T*Z|t0)$ttGETMoIdV25oXf7p4z3gJ)`Bj}6e_>! z9ebS24+%thmhcw~&E&^{F_i808N~N|Qr-uWJe-JGkYu?@l{5{%&)lQTHLz0Tr~#a1 zWMT%zZ?2RY#CcWBBZnn)p|OUZNfK;Sc!jF%fB?{hFbNoyY5CkM(u!XW50if!V3jCT`-B`8mD4 z=eT)8A1!9Kc}9mL-oj~f)#hoY2F>mbhp%qoY*V>P-3gi>ms#z)4{mALN@oq;tC1J> zPzzS%L~!vYCf}P?Mj+rb;5^+8989?!P2VHt24bm^W@&aF|(9 zr78Ihp)EKEF6d9nVTtq81;?v1PY))x8b9mg{$Rxx)QEMSx#`Y1Zb`oJkd~ajxv$+- zztU{LRMlvYNh^VHcNR$ya91Is{GO2dr~l*Cg-mP6$JyCP=RXTt@W*F;=lvfP06=#8 zB^5#*E^^~);*)rbJ=E&)xH%)8Q!>sA+1&7syU3YtfU7(=)q1l1b(fiIk@U&j!g*`w zNs{K-+4`48qhG}|>tt=Xoa&mJpvU%fhqEtAeA2`OZ&9PP&Cf3kp?nEx&7w+ciH1-6 zHw;@viw0IZgJh3-YzMTumA8v0i3qhNsWpxrKPO@(gOG-?lV>Y*Hpk;ldPZ)xs?QT& zGa1WULk4%X-1ozAi*!`+a{4J3UbYbk;2n#Ai}0%wQLt;UhhV2s!EjgNlTLu)PG3+LQhM42|jBw`=Ch8_0#=LB!-)7UW~ z?TS5JvX|0lYCbUv(WV;xpI)WQ^6Hzo)P)CcC&$M@W>r@uix11JD+>0UYGx6E@x!h1 zu@(bE=+!lTlodHYW(#4Tp3E{;)#Ss&F^!JZE?`AlC8 zGvWU|>LDcuPX>KnIXph0yj`m?e3Qxo$V5|v>)(vDS=#ql?so@)rIHEE*x>eKQ{^Q1 z>_F#U?D0I-EM_$8`s>|D7c5uDw)in>UO%dcew?)kTEo_d#%x6iQ4j_9l+f|D^7FLA zNC=hAXkJuI_gMsa`9*R_i2IrRvs>pTU*x^Cr>C8fqhX>C+QNQ^uY#6oxI83-PL7 zVy!C}w0WC$qT?O(5~1;2i^~R3{05-Wzr_br6U6`S-hO!n05UO~p@U_Twv>KHl_@+} ze>YnHg!`eKZwzkE|r+cmWpGo4mAzYy|tO{9+L#X$==V9|2g9z`7qYKLI8zLQ_U zx!$V-4*pwjzFv;MSnfFvNqyL>J6-Q~t35o+j&rt96biV_aCl~}k5S?8Dw*mW8Mhp1 zsd(ruCxv}T$f}TfXn66ZW?yqjal`}C+gRcq0|s9mYp*|}4Bgb%k~ec2pK%^HpI_lx zHZwg9v27;>^p|Y0+kN{SbnJN;;K?YJ4leCvd;|W0SK(gxPTZBXrXs|jbS2n zUHtbJ`dOLbkEdfv)u+SYsd1(GHewT6%fX94uDhP^1k(p@!|_mpbg$+jnzH6cI$c** zOpnS`b^YHq!ukjZNoF`3d)(YDztdsCn6lOpW(#sL?{~+V5hrkex%`W`NiX7ifSpH+_&tC<)Nv!C2Y%6 zmqq(|qMyubO!qk}SyK@a&##f;E|8F~P>?Q={QThHinru%Dr&e&aqnoB)r_KlhKql& z=aLWN#z@OedYKs@Ob%{I=%bSu{taHh#L1ey!2Aas>6ch*^b$t|)@yx@6~!$ZALVHJ zEoQ{O2+w&RpkKnHSBqrboJE*;$Ri~04p@vQaF(fqzskt(X)1GK_ycB;O+8zO`v^*JFF}P+mEz zPjY}jvj?1HZAFA%rus_Ai=h(HTc z8D}+%CvjSZ_^7S_f9$szov5;$Wo+YnLUbkbe^br+yF`CAJ06f#KQ zinB;_D`%nmypg&prw=UUWP1GWH+gWUo$$TCf`c%)0NA|xUiPLl6NH3CZzCh+8ZQRG zcIm72kI}satCtbHW~BgG=AJRTKU7u96wp05)+O_K^J6X7jdH38moUFMhw8@=dCTSl zVTLR}C&*YT&m|jT&e`sB+`Xb+BZF3T$s`?#-e$4;VGP1(plb3hrR})21Ea^YiFvdUhu8E%x zz9goS6@hTX0>i7v-j8dqggoup1(y_lDd}4(ug)_F*Sri(9Rh?kAMciz>^mN3BjEef z!5>~334XQMni$aBuA}&sj$+$dPdc%m^e}<+PdFeMgHL{J>pO!P@pm^>(8+fv^0vI!)Nm~wDcBRI z^kR|o94RJo7;3tTYBnDX3_chbIr=CQ0U3>QOq}BItI&|NkkHSz4|iQ5CnI3OdK|QX zhX_@C0y6m#=C^ODvJ-kOyXC2H>K#*urbLv7C(2GX^4=bllo=tk-G8Z~U^@I*IpD3; z0%K3V`KBl(;QjmeH#Xh5IJl+nTV+Ch11!XhYr=od4{;!g|0hhr^G=%bR&s~{Ln&v` zJxON=$0JJOjO1!(WiiRRBGT8Wf+YISm;hEetN|0i#{W;rdUjz2XIykEl$;71B~z?i z>TJx3O}e>}`znF(F0}S}V%8bbiXkElCC1-Vq>T1SNkIl+oSl^8@9X8_B2gR+45s7z z{(tp3;1r+PNf~j~B*I5xP?DZ_3;cUa3TAw}5&jOiF}evVMTH&k?rZGS&=$&P68JSe zeI`7&lO|_gzz1^k)Mzbv+34ge(JwA@^KhLnE%q9rT;0%AH73psm^IWk2iy?pRQnO>sfcrS!k0+;c4gaK5+}9_b@GO2|z;Zv9t3<4Hz_N1{>p{(`=+n4q zl_oPYe>V7|yO#m-Z#T7qrLMo4MZ9}l{{oYff9BPsHZgFG(Np=RtIc6 zm#?8*cuC@KpGsTWbRH28Y36;*M~`&@~NDAJ6yE#pXpX+$>Q<38_1_``ez_f zmYOyPq;((rY?4OTMwTrd*{JFPQu}Y$M0R;RQ=|v)5#cFvUiG=_@JX5YH~u7z*Ki}d z6)~d;7pimYte^|8c+#x8WqH{l$AaN%jqUjJ5dD6ffLDCt4Tp#fia;Is5Ynb?Cw3)? zh0hRuR!Q^9vR9!$%`t zTOEt!$KfUp5b}KZkeo)CmaeZfaIj|66Y*1&b$H=EB7OPzMweZnsI=jdaPn0zJUkUP zUTLSu_2Fk4o_O|D>T*>}M~F=QPwjbx?Zm0Ge4QjA1*~ z#ObgeEO!iZSEu&j4dl)IiiMhrxi>F1QnTmJJN7}K?yT2Du1_i6mK{h6O)dZt-Oi}M z4xWA|q?$;H|H~J>yhBBZg1X5BvpGPRx(+#C=!KxkJeTjw9thU=PKxedxx-y?`;b0`fh*(dz%uqnuIZ0O=k+` zJ4IYM0v~16rPpO=|FF7;Tc_UxgO&vK4vi%B9Nc9!vNG3ilPL(IwKNkl6ZGWi6(W$I zKSz#`8e}fW&6hDXBF}wGO^@xBXC^6WfhXoK5UYz)4Ly~P6K;bZd_140AP=7SpkP|9 zB?Xz48ZB*Wd1QQyIr(VDIao2u)LOu{LPcL6@piE!256d>vv2m&nOrL~BS_NvJi~y^ z38bH4G8mXjp6*3|I4e*Tii?Y-WFnO1Kb$5gJ#=QJ-3~CoRX}F zzwyIiVcSep)z~=x-D^=&${$MFlj-t07;?~6(s^u}LG=C(1=_Zv-6gzI!Q;D1($ z4z#zvN8EXHg4hVvEG?f(;qse$fr4_+GKfod>r-bdmyHt05Pd% z4_=7XolIp-I<}99efP0_784fHc(9n7p_8)df3?wPKuJ7L$r343JCp3#ac>?N8*ZSG zj=kg0gF609$7~lk1$eT4*{%$tol4)Yz5#Kpo^SRA-C0mcXw3SCk)2KXQ)%4lh z);#BOJJ97`n{M)N)XCy|4{yH4Ppb6J*LM37J(FBp3WSVahbccLe^C$hEGz> zw;@A+$Cds#_TN23fu*u){wul-Fcmf!ii>EzUxG91p6tz@-AI|`Ng*7uG~2UswpjqZ z)t`TGAF7J~0F9E&lfIpN25V#}5*GZpD5Z52LF^e-G5De_CHSDk^w2_{;(frmV(Fty z)TdBwi-peXFIpLV#!-$Kw^(~N%)KDCYiRLXvNvJcD2#&GbG#%Hjw#H9;@Ru%mgquKMi%i(0XT~>EVY0fj~?F zG8b;1CWjwggYmTK0EL6flM&qCVFH2Q*4h!mp~x3KzSDqG)zV8bo<+TKesa=^qdT#d z!J+A*l2yLfzpsmydP{^)8^Wsdf&1H!R49K$C zpf5^Oz>SxsU*6AIA6kKnd#W8IUm=_fZ5Vfn@EeCuFt|9R_#A=axe__=$sV0&&>J>A z+dqwupkKayqd)cKZHrzz-v_C&N^MKrX>M^X=FEEEwZzI@!l-xCACEzN?ksd+6frIi zO^MkwQ+{u%(Zh2g*GUG{Xxgwqq`Db3J0!HKY5H?Vd7cvOCBQcHPx*(4g1#k{U)fef zs=k^UM7P_rvnces^~b?B4kTf14P?&l>N=DjUfRL`Jw_8EgYLq~?`o1#g(F6@yVw=y z%5-YYF;%YS$F}wz{7w;uVqZQ^XQtIt$Y3(H$E+KITFbS78drae!s`1RRFpjA_k#%ALKNkftCe8(DZ zD^zz)*pc_FWo$I2i@{R0J<~B0g&Xa*+=eMUH7u_7T;@vq zme2h8+KT9J4yS)E&i&;{eKcxvSy(48OR9bVdChZl^l1G{jKMN%Yr9>Au^uBwb6u^$ z%gapPyS+~+IA(UdzH9|`Z8i6<6;vRRG(CBd;^?t{zlvqQt_iNmouRQ;zEjJMCoRYA zL_)p~*HcM{=Rdd_qyYMIE}HOB>HLH0JUUE1lr>Zevm#2#R3U`S9OF>QJA^h^rbAYf3 zg>HeIoc!tONlLT#lG)_=1@f*(tmT%=JO`(ul({)==^J(sGtwwjs(kpl)X1nTIwq#X zO74bo7-8&*l*yzGmHA?aJrAb*$$9q?LeMw?xiyn~RJ1s?Z@>@3*xOoH*ju1(HDGBp ztxTwe@QKp(q$!dURm)E>Tua38!cjxnE+q`)Rw4dspf6@a)zmEUr4nv5x`Dc>sfkG* z-mK#yK3(TQ?dJTv#&p~Lk@Z>pPuDik_=R3fsl7%ts9_q{lsY>O=GVJlSrK5u=vEn} z%fA;`zfGwV4w6{|6RHDSW%nQb*--bwkPP1aSN{pLvHT*9;Q&NZ1~tD!sMI*LLEm=Y ztWT(n1EtBDJ?4Luf&Z$MW2XF-zW_vH0y%Nt!p$Sp(^cB*4Gzf5SukpZ9=iL8_C~|3 z(fps>O~BhN|u@stkJ8Vo8Qnpo^2I{iH*@~+#G^d;l@F1$h} z+TL}E(q~`-{E@t{0>96r+(82e<_R9aX*h+mtAhSf4*pYHTsQpvPTr5f7~K3F$N%%L z{;&Sr!vu_1394$!;9C5sxibAh*1p7=1{jjS+Eae*1OAWpOEn-ag?TO%Ej#wW-N#{- zERa*;*c13a>DR;*c>H46+7$W>P?_t-B%b{wLi8Us+~1oI@p z(a_P$vI)GAp9Miip31r$KsUfg$xOJt_|iYw`>!8U<~3TtOnIJCvHx7$mPL$3wj!x# zTe?{M#j}5tqx-Fy`QCqUVa%2z+I`M#FNwX)TA~nIN42y>tOwFt;Z9$r@ph*D4vYEh zU#wR_BXCf?HuP>1rhJ^S%MN+o+40vuWJk#?tmg`$6FIE9`X$yJ4ynJFqE1zwN#hBwK=4nJRLRE8JtnE!X(zF3$ zy|hua3o-e@EwD!`w_uW3?!*U)>F{1#^((Pyb;WSr>ePk9^!Z}fnZ6;sQNQGjdy79bBNu0Q7o4?+Er#0vx*4~^nd5z-phD(pwe^!s-}A@k zR~f!n`KKGSvUl3Yjmj8k7w`kt$w@P;2Wxh8J@bAH<|ox>yZt9ic5x`OP#$u zU;Ael4faRW{qCkXdGq7K@2X3yjewc(>eH`-!%?Jy0l=^m$#b5ErtcqhmC!|)tSh9Y zxu2}p@AZ8cUi|sH% zzC*GuP3E<(Pus@oI{ZF9kKXnfY)ciF_k>HkG~ynt>^CsyMPv=k1P-?7ztOqLZPD9B@7j9o?nF zuTE2`yk~)@sh!=vJ#z4Z|S-fV{xz)JxE^-et;Vf^RSUQt2qwK5Y z{aqZUUVn5==xcxXkBjzS=EwZsm*~!Ve;u{mcX+w=!}cr2!Sqjf(IN;V=e{hT!?`$Hf=!FZ@{zo^GVkpBv0dBCpC)~TN&&+xjzVrUPYiqIT+)5p7zv2^qI(l+SBI?rw}~~r@~R69 z<7B$0^8pk`{uYZzO!NN!GBF&6ep+AWDr|j^d@{MirFpvT-j6{jUz?viL+|Y`?~sKH z!|d(2SZ93(nxdmBGXodz)2MkwKvryDppWA1DkmVyEXay$FEn((Y(qH2LU#fbguJ$E zcJXR@xt~t?na#oS3Qs9*3cB|fEwP$%I(hmu@q>Bn`n-Ud9=3kxlBr)-ZUbV&97nt!kphXZ}(`5{lS~=DgV{lj~3^N&F9%ORw-PX z`J{YWABBGK>{w~q2AyIERLl(=_dksviCTa2yr7p3RLZ%yVrG3#dirVji1vWwfL5dJ zvD-KiZ@=~_r=DsDeqVjXc^J^9xu@c0x1?Ho)1XV%Uz0C=Zy|@4**VI8b0Q+-5#JIE zC9hSoi|o(k%WNF1Zy2<@-=$ols>M7!lV}0ktpB9&1}_iazCDFPQ;@=?%zfK;9HR&K zY{f3t%Z}An+|q0-N{{@WfL;d4V|%Eo1Fas66e4W0TI(Dox8_ZuGZw zjog?MQE)9|Kh!Ew>EKc>)u}m1i2)bY`P<+tk-baLI{ZU)Q^dgWSF&c^YBEZ&uA&%Z zdTX`(8u%dV%fqV{4%Ul|<$Rp?*SJQGZtuUR-(LCY2f_9RuWzX73BvaNLjV1U=cm6C5J8s>cj=Z9ORilJe{6Y{qEQpHR)PHOw*Rzr%^W3VYdgq;)UhN$lG-4dA#E%s<{&uKRB!yWfbY@ z@>S)!8J1*ixIfg7nw=Ur$*`t>cK!TL;s^WB)YQ}^B=@Liwe~PN{Ae`hyos{&x`{Ys zgzrND0&NA>l7it8n)I+KrG!k;6SU_d?&6y>F6WSMC|njQliQoQ?M+;d-R$?gz%vfx z*`TW0VYY>QCzC}+K|y~_)q}^q;Ag4NAfrC^!7?_ue&=&zV`GkkD;m&TiJy`D;KwVe z{Ne8C+x1cN{+E}GYW$Vw!I|;*)1I}f8DCAXL;EJL*BT!!+~wlGnS7(md+hP&Irexu zpE57Xi_+;}Rc~F_9?k5(kL+Y$6qi2}a=#gPVXlHeOIuh|b=%u!m5{$cga1DN4a4U+ zD7?L$CvoEXQDJ?XYr$vcS=kI@6=pn{!G$EDI~THSi)r48FCh@;-Tb-LU)vi+M*VP$ zlkiDjy9Nk&6T1vOo*pkav zlFDaqlFgnn zR%a_(PcziHjN>yTE?#wiy`sNEKGb0{cLKRc9huvJgD}D#>80}NXd6+06$-!cBEI}pwlC+;SVM64F|Zkm393HRmIRbBL`p4vH9 zI=0_Qdtg=hBPTa#cJEt2QaX+%WDxQO3Ps^7zC}9r9nFoIAB!)&_oW3{XPZ$WP~l>R z^%{lN#wU{`9gwLD_^+THS~?_;8ZF=tUIviCDN9?=b5WzLX0A5T*1q>AUPhE31FUM| zefL@;BBEjtH7dYS+gkYsYzC8NsFKBiJT4O6AlMX5a@yGN>z695}Kw;K{@*yf;smTdJj z-3hm9WwDvNSI~AZK*k_|)cTBIB~g>*Q^H8dK;wXeu+n?ql`L7>q-k*)ycyNYkPq1L z^7*zhVWXwOh-OR30rJiYsvhs1#Ze+B2Jx}9^s6eiF)x+7lq4h3(IXSOS|7@cnxD7) z{A7DeK#yWrJpF}5d@e-e3-ywKUnZ^F`VFZcIqO9Eb`Kv(8c-MGILRh6d* zy01nd0T$Sg|69ctWIduLfo&;`)W!I)_KbLZ+4sW7TE+o|$q*D@tBRW!gbgl5IviKS zlAM^{(A|=2GZsDwGSRjanaRi?a^D>^PUj~uGj0^?$!j5YY5!H3`Fl&gSa3U(>q?h zb9FP+Vu%X#S?{~8$afH0a+F@j4SC+NdR1v>^{49arW5|!Pr3Q{AdDTFkQ$eo8mr!k zRVgj3JP_#uKVN}Rqi1Vq5@fEPtN)_D{EckuSXgU9Oo9zBCSM?OE@W*fX6JD~WfyvI z0PP9MDjKl(>91M-s=-v8x^N3??`n-0G2AGNTZo5-yHvSwj)VQGGL|5PzEXMJZG-Y}x1?-yUmv7mf*j9l&w69ezZ*Aj5K zfNDe|aV+{YPn@#I&~1GI`vE}b^vl9?j!bzh#_BoutDWAy-fgwIhN++?b`_g=8=cAI z-F1bM_@$1Ei@WvmhPBmd z&tYwSUxE*zc4Ff4GYcYQZB54KW9fWri;tZPNk+s?=YCr=3hEU; z8&l(?kHsM@N=wh}tNkaOpPua7)DrlRD=%N{uyas!wr-k3AL?%)!-Il1SX%~pE7 zjGdO+UwE@_I`DCjATkwvBm2HVC78v`(oIuNz9;2jwW|80Nqa0NjGQ{htXIMW!tI8E zn$HmVo_$r1*yZcO5-S}iXT-bLROazNB`!R5S*h7s_)1%i*N1u@4U%=rHu2H#+6Q~) zP0dp0)v}=Ma9<7I!6;`ZMqN&Ci;5TEsd76D4+B)WN#seI!vtMLFEQ(5;FtMz(uJLf z(j=w{Q6v^2TQ6m7Npbao{7WL~Z!2qn73HeZ*K{A> zycypeU`x_FM3Gy~KCA_*ciFWMTT+WlBuv#3{L)XDSJ%CJEuy613cvOy7+P$~Oi${& zpxPE_bnsKvF>Rvi;ES2=risIhi|-oyRQPfZeZSHx&;^TNjEbdl>)`v)sL-$4>l%T~W6$o# zWru*!{?wz}jYr}52@4Y*6B=L7{U=#@z6ODvT~@ET!%KU$+%WOmJ$WaL+goPZYH@MQ zTgUsl;Z=H*<}{rB9`gk1&Wu?&i5^Vz}et>r}1_k zw_olSYgb-Z2-D%V-Op&y+W3f+f8Hr4oBk$a$6!25&( zScp#Ne)0IF3)*XRwr5xU;mK(!qL-TFr&0vZI8Qf+Ce%h=;o;n2M>LOcGr}|Ql@U%SSn8{?o1UYx`ISPBNwX{BSgWDTP8RpfWzPV=-k*r zGrr@_E%)UEVd5h?u924OGolp{mdASs%Lb@sr;0e`9&4zK{IFC>nr0vtuczz#kSQNK z7ae*t{F3dPvKl0w+Y8xar)|7sNGd*2yY&peb*)xLc6~bpU@o;u}%e6!Ix;yT?W(&-W@CBOrd@ zm5sz9B*Y_5go>7ty`+<4cu|@HO(Hb+dPk6|C`E<`lJ5wX=d8)+!4cwYr#L}`!{6afJVro;R!4De$X`m^r zW#y@)Ic@_F$3(d`J&=oOhiScDvT5dP{jp)r?H)tPwBGzHvV@!E?xFQC`qR~=02!iE zNhKdye1^}@bL)&7_WF)MW6n}U%Y}A*{`TGq@i$pkW0yB)=Um52Zq$~;XZ$xCU&v4b zlS|2Kb8XStI=rukHtauN)KwmoJ99fcdT|~sGD!P+`VJ>gb1wPAgcl{rIO?_aal%1)ymac{7)nKeuX*`x_9npYkg0ktmgmUp*xl9h9y>MKS5YGi!m$tk-uW>hA>li1 zVurg2Orn;~3S$PbqfNJgVg&j(>oBy!R-vz1Y^ZnELo#$GsG(XD-&Ses-qbcuY;6T!*7 z34H*>R$YlhP@{&&qR+2g1y1h922k6DjVwo9e|gWfjko!-b5K+A@br!D5f!!x?bN4L zzDTO~cu=MsyF2o_Ki||_DjJk>00*&u(^XCoksP!oPOLQx>f4bg!!l3`RXN-n<7;<2 z$3PoKN4s>r_YIbDy>E&VRo=A0-H-2~%(&U!w{PbqmB^WzKllXCXzz9CLp%3v8Jdus zFeTL5yr*JB9dB$=BfqmS)Ic~j6d6ZZH`9u7aWnE&uETE*-*+v zxmi?-eobfP@rrE!n0?qE=DA>CQu}rG{gGCk)y$Q>&-zj!r*umBc}ugvjy}su8O}EAQ%#sklnq_CkM6$M1)YI8Qd79uOxWBw% zmAA<}ZxAxHL1yQNU9RbJzH!Ze6x$nX=oG+fv{|o;eQtD4^i14_0e#%8-+;bHS*AAk>o6uOVTNoa&oH* zdrb|xQ^evQ>XfUY-N038*evP1{A^Ls@B~}&}F?SMU zO!mQ#>Q9rqwY-spe9%M61d&Mbz_SVbhwz#h!sdauKUCNEFYUE(Kzr@>4dzU~xEQY(D2iFb z7r!a+^4Sv^$>`w+`6y->v;S?}>Mwye;5yG?PX7HO1Tf$K(qF^-E!FlFs6PF3 zb^hRTK=iP2*c*EvP3(d>P-YrcRM`-iB1;qASi!9VuCC+4jaJ;!04Efk>R^NPbWb~xF`H3=q*JG;UVfde_&9zkrB}(L4+QSzFlQK zbNZ62gM)>Efq$=2)z;*@YA-UkrZbiSkBpi9&` zF@S-AApH5UIyWQ4N?#KTlDyg>gX-!p(TcGfP8L5WDfURb&Hgk$IQzQBsxmPFf7i2T z<#D$ncILt`c7o1iN;=0^;04YL&!0ULIOOz-3tOs=NBzrD#Hb^b4N*C|1d-xxVQR!L z9r_k}M`s>ys=hzC#=Z+6mga0KceBU=Bw>wgOi)L&CR0WOdwW_BzPGyeo6&BvvD^nY{-RDRx+$Ttp@6+}cxL7>L|e&`RoenLrzG6*GWUwdycaR^_Hri^^JyJ? zVe&c!^qSbgMp8s|PB!A&P4M97`nK<;ijk#T2bQ&Nw`uq2=qO`+)Pqg+G_bmXt@V2? zN`k^&PpREhX$lkPrZMT6!~?Y^l5n(U)gZAMAWM8>RYw!{lu7zchvq@@>|SP(Zs}Fz zblg4X9@d6<@lrZ@${VB?VC`oQdSI}Fw3!r9zrjT5)}x0W3Wz$9#JKu&^|Zvj0a<#= zU()aeK)1w2u{|-&2sV;8xgMH9wA9866_vKe2JxaU)>HR(QD>mQt>6373#GGo)1Jo$Y3b2DvhYP6`A$V;z<-AHG%UJ|h1D?8Z>&HmUZgip7kX zs{~5^o17v!hWNov&$doAmsq>^)36gEMGarx(60(*n@Ccqu4jUCN`{AqhRRHbMENzH z*vX4ucldrV{2)IbRO7{-!WLEy;EI*IzwJZD=Y$%KhML~CgX-4JvuadAnQS8KaY5m0{e*TE2{5#$a@CD5 z6xmLwxzy3eYBq_gP{a?K#MYYjQElUKV#t`*m>N$v`vFmAFTnEwbHY>v)kM#2NLK;+ zQ`MzjaTQ7=M!f;arWvY$BM^Pa=ozR+SefXnFdQ;3U~M>2h1L!ok@F9`cs=4_W4JVf&pK-yyT+j_g>>5U>d8J%d~DteC>FaPzR zEcA+niT=4PJ+m!IeI!wxA$NHH-b`|%22pLLs#865G@UW+Wqy-KKCbZ+1uHH(Zm>sC zwr!L2f(^5|60@sDdBSjs)a5xcU^dR2camz(>jBjyz)+j~WvE%rjp|IYVpB=wkw?l% z6!&QPU;1uD)sZ8}TUMg|z@yZ_PBwsvA4f@3gZP^RTVaEO=1#{R+@KnlE8a9o z=EKc1L`xEoFUt?AT4wex;M?7I)d6=j;KhkX!UEy&1ewwq1}Zqg(u&tqU9($uXYYv7 z3(Kh(L2o_22%2-r7ROlcJE{3gTlhnOau9^`kF90f9LXUoWV1pIlx{+ebgaHbA_(d< zm_8?Dm=uZTC3AIhadQf1%ssd1ez^nT02UOH@}5%<;C~JQ`w3-fx0R)qAB&h|ld|1p zQ_s9P>m(25a>6mFF|)`QmRCJH#p&0HZbU4gQAO7u$k?#}oF*>Gf!Fp3!7Fq1=-hz% z*o=8Bgml@l(n_*{-ccU@{7?Cc`?36v02q#N-EC)g6iiWS6R1jyNu`t`p-tZe8*D~Y zz91}n0+`12^`G0Di7K-jZ?$lM744so^2Zv|fx69}8DCb%q`r=PW0eSI^V292`Bjf! z7ZvZ49erbimm40CwhJf&=~W0NX;f@SVVpO5=g;ygFC5gw%8|a>5@jSNEkNY+qE2#l zFqxJA74=qL$d&vYIvUHEGA5WP?yBekUq0@ry&O<5;>117X&*24?w1)Rn~hVV?lix- zcdXIf?=_tB*BTZdgCNkP1IwPGFdyro3zZM4ks*HX8Y&C7SOl1Gmf!ldU!4dBQxt~{ zr{gA#jpCfNCF&Sfj`>HE6iXG~Fe-u5TKdIG)^0U`(}(f?ar$qyr^*YM|6I}gUx|!r z-hc}ftzUXmBLGJa8EXPu;w{gJEW)2HCq9-M*wS@08t4xkHydIHh+)zeK1jpVzoR~P zJn=CrdA4i;gP`Xg=H=m8WwaBxOH;0yJgkbuR=MD%WKoBG`tpnZiW=y1p71~{Xy z)v*74;(x!M|6UaTZ)^pi#o}L^%SsCc!qyXu$bDA9*~!=uQC_ZSMW2tqt?c-zui+L!|1$}eBqX9_rF)7ynw_hwZw^Z=fK!8k85bT*30crg`k6XQ zGyTKP3k|WkBh1Ts=qyfQ3lm5SYl~E+HEY9k^c!-IBy@FkSK7KMQMDF46V5PA%n>7{ z7opzMJPidMRrS^E985XM^vZilpZ#;3I2WY{BTxAti$I40EA=>GXmtm}y0hr}?r)WG z!SZfp${LOpT4nWqg3p4R2_Xw}3-4Z?c+~5nCPyMpU=>pQ>#N<>_v4amjax2-hlN_z>;+@2#jK2sV3h zrIPfL)|{vE4F^YVZ_vkNKq_@atyq!@Lf+@4=|hqzA|BXjv9^inAL#HrtcO_KR#8Lc zGD|C`%C9}|#nrT8O`wl3@{do|h6~i23pU)j*4o7%emZ;RD&8O^am>7_$-wocD7S+0 zM13)rpOe&=QO(q|Zp1o%QR&6N(PlK1%#c0SZUqYq5_t{cYuwkr7O2^1Cj&P<53t>G z28pc6GgY7KtxbJO$PVq}Bn7Qr4~$*f`<$H}WpPgo#I=cR$8ZX8DFNODxnpO>$ZQYxhG{GN#@RnZ%C|KY<)3VA8##>k0PDP=*0Ypgci} zY}9aGy$MpEYGibX?-WkOIod2ZiGw^{5%S}Q%%Pe^6+fXWZ=DL=T-wO1b%9nzPsgrU zgGv9minbZ-tiym|el)WiFQ{15v-kHFLlrGJik^*T4VpelOeJn?bG-S|Z z(&Fu*>g6L-whEuAVm2GYXJdgnQPh-=_2u@*B#HQna5Ydl`x0@+;)L}$Frq|mx;JmA z3k8SOJ>z6pF|{c?Z^C@eE=_O0$*V*+Ni$0-<ByHM`O@#VKgMnUHn#pRL#~&RGr~LFMWwJIylq|5#=d1QJ|te|OX-I2w{ zMb#A08HXP^TeGGjPo{3%E78DEt|YLkx;o8AqY}Cx;)Aa7Xux@a?qnLJ9;LzTipxap z29xBjGGah3-Jjz*gFjYSIQH#Z?O%yefyBA0afYxXAf> zRx^5|vFJq&KFQ13Hsi~o9ftB$x+7Z#W|qF$nd!PW&vxyJZ3}-?;>*!7Hzn(=XvceS z!wplZ7mys&S>qdoPLNHSKBFlYSP%@9_ zQi+Y*_9q*IqVOxLtYlt3Mjh8ka<0ZbK4SwKr2)X0ZPTVUC63gmi-(++gMxznpe)JW zU0V1yrqAC+w?5Fi+d&8SOq`D)_v08=7fQ%-Tpvc%1b~3>yv(EN2?~DkLG&|q(sL;q z?YCuao_5C44EcE_GEpwrJm*&I$SDh^oJY0V43PP(7Zc%9du;CmIspjxlmFBUf_&8# ziWK>%>e%h=L;y~JKuBM0N3)Z~O}(SSKA&7iCWp;#&*;bgX~Fcl@3kR-d17YD(htZ< zN`{~d5CH|wn3XPUqS`(~l?PylQYh?P;#M zs+Ih8@}?|ia3SyRMVs2BE;JpBfbi37Pj9a>K!5sKP0&`mS<+T1bRIoLs!EZ(GrOwF zkseh1KG+*va$lJ`Et!z3I$;h@^@0Q`jKI-+BQ!HLBW!AQ{6M7^J=cR|&dDxLjaY8e z*haI!*E+HqQ-Bj0k@z`Ny2OqM;)t}Ec8)SnkB0J=ATCv($AZtao-w%iJ1;84q{yYO zCw_;Am!FFB+c;xYiK%4HWO_VDfH`lQ|mZH<;~=~(C6WjjHPAvMEF~1mD`FE zAP#&Neph30Efp1q*8x~~qR6Mzn-hF}$rs{AcPa69NKwSsXy`+>R(pFyxk-KZnW674 zMP8dg>YYz)f-3{8&73rFG2K))dk`~vpWdQ;dMJ2Npi=q*{URw}ELbe3Lr&Ph*~rQ< z5$n-C4h>&L+UmJ9(TkTUlCo%gFOnnJLF^2+(heY*64LLK6)n)pp@qJ{PUrW`hW)FL zdaxvA*_E?MdRp5@$yAk{hV95r zAFCl?Bp%BAvH9R6CU2RYP(J`8;ot~7!dIMSD9L0llNPrO#qgk3<$6v(0v_gRm?F}@F zm1H`kf+QxIC)N#XD=lx7SO$7)BfSMWyY|MyM)PpF(DyHKXsruuIkbXs*ZWj38%!9= z!|f-KlLPZ$cxWr8rM=`z#B?qD*RA-HyYdBoe&g4Jri)YXTnx*4mV+CEumBAnj@RtD zo{)M|a+D*&7nJdMkv92+GGl800D+5MXdB9stDy&O$i^u(88uoU(fvK&21aL z4(v!#V8j+Y%~M(e2rH*7LkbB~^bUck60fmW1nKgFW#Ol&Z(ZjB3W>?`N&Jg#DG<)E zN?fzbt0YmS|3TVY$He)CZ=Y?Ug;Jz=@!}4}-QC@-xZ4b_g+hzF4GiuM#l5%>?pE9# z28W&YyTA9{O?Hz__U|W|%yV+ib8fk=&#hJXDj%EfXA!!CAl}RqTv%~?@9AF2kei&1 zh`;#{JY8+e}2^$Q`scMNkP>U5pfHbO!q?KBZ(>~m;n zuSPDcj!9bBOk&Cb(x>-`3hDK;{_CJ;FsjA-5m`GieCJI)f3sA zDY|JNPI$4T4)A~3n<;;4hJ&7>oQ2x&=%~{f+b-)Z31AKn^T^#4&bj;x-*N_YK5&rJ z(loiKhl75)HHLzdKE~;EORchJf2bK=_;dT!-+b}?E~a$H4|{`T4vf3cJimJf_p7F2 z$stlvgwD>+Pdv@9LsMOi*oJj}AGE$UsysV&j>8)SJ zAVvb7ZK5YpObn`~BGQRb>e649(t&rFx)H#eu~MQ>niuo6ai6q0-lWb$`PKhcaBrlo zRjRfa)E~G0Bp`8?xaO)%>ZD6>JD*un7m`CDMaYUjeKAeKQ?Y!TELWD{CT;OS+Ly20 z0vpX`j4gf0YQlMsw^N;$xJ_!}WKd8B%8z$SuJ`H-RjUY8Dvmg;Ct>9G-p)WdgVHR;z9t^R9>iIpTQM*a{+hZ9A9t{Jc$Kv+)ufcnmSz}|BMYTWO4%flUL*ne_%mbL;&+G8^ z`e|3o&Q~3xJuxgr4JqT=U!*lw!AlXruf8mwJcy9HZF)HE$^(NE-=+T=nY*rCTSA|v zh1r|1KBBel=;%#Q*9<1B(3FN%J&Bv61q$m3if?Y>`e>*+G4KM?F-92PY)Nn_)3H$k(j8^x+qi z8%NO`iIeB+Fzmv`1{i+HRAH6d{=S|8M~+4OJt|e*HIT)q(|odMCIpX%+Qi06Y^v9# z`0MmRp1^cgu3<)@59A#tV$k^bxbPUcB5~}#xq+z5C=L7-gQ%i}l$si58=X+XboBLQ zJgR$=Y7ItB_)^Ov?;$HW888I9W)M%yBcrFNV%#++5m1_oT9`OVv>h>al45wA8%PO7 zRAe@9z`-sM_l!?LQYbWlH2Uu}&HQO7_`T)z?@{5^^R4b@gmz zbYb8~3I17i>0Ubvcc48H3kwz98}Bk6PHyFN*BvJh2UA;2O+6Q{)30MGzkf3h%jd+{ zzAJ}&Rp1uUA`ePn3&(h}m({xvMLT|3_cby(;F??9lJB&qmwoZNK_8+KGkdU!qx0Cx z+I2MYec42-TxtgHLXzt{8uzmaD%zgDGy4qRm(wP_{TCgD4uMok6J2&az0EaUOzqWe zSSFc;v^r|(yuHzes%#pY7#O)(YKl_&G$S>nT5b!l+^^mr@otAK*hxwi%gPqUq`gzO zdVgpqXqX(EjE}1~Jf__1 z4}*DhFQQ+WX!_e5>ZagkgGULEGmQ1pGwt^?tNVGGbBl*7vR7Qz9@?o`l4F3Nl%&G}B1r)dyL|B5~@sw)}?!BSVx0{pQNy z7stIMrOcxvNJ=HdEc+-If)C%Kb+#h7_<<(*d9*V#Y!yYIKF+M%qQ+6$!l#Qvgu;;Y zTFWT4`V^X8I#Nq*^J+z4{`%xVUf!9S1l$GedI?JeUwpD$J4y`@u@&+~i8jP?sxQK0 z-0=ATXZxMNp+p`nWRwiol@E0R9q2VwqnI(2Gt5KhvfLSv8o?$N_<_2fqojvS(%P@5 zTH3^W>d)tzrq9!~Uvj^Xfd~t}T_@Nug((aSIhsjN1hAK^=Sc+8!Yz zDJ7-g?r6QdcF%Y`tU-tYM_y0KZu;NuiSNfO3zC)tVvPJRdZi3KPp3%yoNLxMcA%Rl zb$aar7)fl$$-8m?H5nCnY6Mgc2F~OmRIw%2wMp-`XbSxVB9Xrb`=tSY+IRf6{ebad zFy9=Gzpbo+b%%kJiM*i^y}Z8;Y|Lpfeube1OS@1Q9%M0-qo8AzAi_vigJEb^ z<-^`1DnQaSAh%*fY*dnfB)~KWH)l)HFBAhb#$G%Tk)A%k>;dE20%cn8dIDo`65IZl zhQf-XB!@OILD;2QJmw_QzG!5-ZH|g;xrUpT)E!lRa*WO1RsH?!ud<@54aovwn^=HX zX^j$CmchE>c=O`UhsPc9`0bL4p$Tz*D|}6p3_Gi)oEX?r+Yji8nZ7EYpNAPm@}5Z; zK!tNAg#cT2d&aur?ES>_W5SAWI%23$Xe2#jxqUZuo^QT8=~F~m)KSRveC?L17j=1E zJ_X%v4@f#;aM(}ycMw>IAuJ<`;Rfxr9j0vdySO|{9dfhrtY2#>v?gm>(XA`Hhy0m4 zS;S0S=66VUhYPq$)^om?G4gYD%T~lQZb|sB_eySQQR7io$g@QKlXQZN&$^Uir+0@7 zXXsE6^S2Dn`KbATEVz zZBlcs$b4kY5OEFV-q<-fIoZiH5b8=YJ@&+BA%Bo(AL?5UuOHld|5K@73R5wiH`wh2 zGf92kQYDvp#(KNgyql4R5j6eTQHIBN5{@w^7oji_?O^)eFs__aKibRdZfj}_i7_s2 ze@Qc%TXV&F?e`ZXj&-vj#`t%GG?jvP;=JXS$opFu5|9(y(W@v1qWT+Ju<)V`109*k z+n$e8AuKHC#a0v0;?A6}oH+TnxtMNOR>Gnl+T6vh*;*7*)Re>2NG$+$ADEG0hHsV^ zq0%L)hjt>n^Vw4Q*b{uEXswdvCH50I@3v#pU~Z}ct1ijKsnn}vd=%N2naS1e)xIx{ zpA17v+uO6SpVSF*m6&*4SdB%k2oB3fU9wEqsPfi}HxQWUQ=v4+#%`ljnQi-=Gj4>p zIDw^HUQ6X|T09XD*qV#Mrqr91ZGfVgoR6T>AWA}+eD$lkN!?YHG9F{o^)cugPV4l` zX`tT`icT)H=Y(1jUbQ&%^|>}xKhx6d*X$)@?{6CTF<>??9LX7J(?uhKKF&+AC4j zylWL^f3tSQuX|Vge)9A328C5yZ`-_3?C5b7JCf|&tj$G0 z)NHOQ*nNT%&v#^98SwL4uU1xi)*}J3q@Jepb~+0IRk|!w1BpTT8zcNqhiTAfxPIt__8(W{OyU8igsHA@b023a@y zIdUjOF-A7Oo^f$Di!~=MM>N+<7~5g#`zDX5x3CsEFZ$jZkV4Y<39(e5jo3RA{*8UO zW)83TOT9)*-4M&TR|2CRCk}S}M3%+^TW|$WovbC_@Vj)`@`=4`ZP%P|$wHCsZq=-d zVs^|^TUG)Tuf%IvQC#$9-P-wUQ;FhPMQwT1zsCS1_Pm`BKBPs=YbE>O3E;f@+X>%muYComrx=%8 zAi|zrF5630p`6utb~pcp5N+}cVJwH-oO5=o|CUl6MJ^_EUh56aiyH&bF@-}u8YTAU zw|x8eHPn1^aU)<$#TW8&d~W8wA3mu-*sVKS|NBEClCc@z)^D z4CVQ**#V{+(!b(Y+_!%>*Z-Ri@&9l0cyeMRj?f@X{|^3?HtwtFaEj zX9a16wxZ0W-Mjs@)7A6+F(K}zrl*Sqv^Af*)#x71>=SqYnicu~>4@E$!nVt2nC|Vz zW2i_JGWX+P+6hzU)8*wr7bh63V^-Td^2b2QE7959C!*rk)>>i&eF1@>Dl~LcRgm(M5T6`iqPAB zhAY%p6=JfC^e+kD7yzl{#(wB0`hz6Sn%=v0Yi`Dgr%pziX{yw@6LGmMOLTHLUZf>M z$?uIpz;i%5Y&5Am=VxB3rQUJkCToJ2)gCX~vF~q@)k6HX-g{sa%ldaV zh_p#Ep#$FP%cov z(9juQ$M=PA=94UZqS?|FeMY4NLba+)T^UwyP}Ar?(km3Lj%eenk4?#OzK0n|Zz<21Is<%-3^M(Bp{S(sLld&K>t>W$ zSMztOwp3gqnK@TBb&IK#ApHX2eu@1F5$foC)#7qKknvc^;F}zKmGc=J6kSI?@Wi+F z=#RR!-FQF_J^L*CaS?kS5c9Z9LiE<7(-hj&_Q-U6Chm^kWj0+Dyth$hnILb!`)O2` zacI}`{i+Pl!(-%V3##W++@xd6?SwzfOk+5%RVw)Kywc%#^?7<@dt`nEOmsG3e;UMz z$c?lF!NK}_fWEhf;)pAEs?O$+&tfdP(vtdsxNjFmV`pf*mBZvnj_tD?|g3{9hD9KoRI{xtq(iS7zq12 z5nQ^?wx&nf3S5=V`+aGG+zL#@wUrrowj1_b&$~$k4Mbt~Ht2d<`0O~EIS&=P#BJ93 zPcfPh;Bxr7=oT_a$2~)7z*-Adj+vXvw!H9WS>SM5qzfIi6y1pH65z)e-s8`(G0PL| zADbDS>78LF=U^p6+LvCaDx=?ZarV{1C3*6-!M=#%&vdex`mE_{g_qs)o1EgSl!zLEWLQ#QT1xs`=XX2=WH=JU z9oI`aq=Gx6^=*t4|5AD5ZDilz^Ml-U{WZUvwi|Ht_O|(s&U+x$ZPTN^3FtPiS{j6s zZ^&op3s`CS3GtxL#yTH#7V7Xj#7uMde5>kZ$Hf=%98o)8BjnY$==NRuV%7WW9OjLk z*Gr4IB(9dJ5-0i5@<5y3=~Ly)eWt&@`;?%GbM$n(A5{-Fb#$xe8urWeSZRg-LYw3_ z-*nOhu|WKrroRP$Ct(Dz$c;8l^Rnc_F&R+ zZGx8hNEv4YL!b3QTtUHjacQv!u8!5A!T1qYdY_a85trK z*;!$BKmBRG0gX~KGU&(Lnwpw$%{XCcn$PtS16wei_mIlmpZTLeo4&KN5a9_UbfS2% zvLc(D2Cf+{wMjL6c+|Ln_mmuyLabltno?$0xELlQxv;iyEU;7#_t^2v)8q7&yR)WR z?(qjKH>AtU?O`JYc!prWB%8bOD*-mjk-<0hu2)xD1=~2PaR*09W94#WIOrercx3l~ zU)e91K$OMSuNHrAm65YiFj2R8IT>%ss}g{=FIQmGyrJP8l~v#VR9^@$xbR$l#`2X!qzh}dN; zWhlbMv7Bn@?)FA)*P~BCWrkO3D@ZNXb-C%RO(FKWVkq|>mqc^R_adS=k-Ou&Cit3( zo>!Ir2Cl;fFPD30tHH>J0R`VLdKjF2AG-S;+o6js76~;g6`prbvmCQMk*h|n596CR zj*l!6)+!K{%6E~$GS|;04~J`n&WxbOg<Tf`jj1Z6!L{i<^sRNJZ5kD0s}O ztegUOr=U0Zp(%qBb>P+pXEOcMT1uH>x}jrLk=G&3LN$x0y?$9u(+>kZup}aiOgXU@ z!TrFwPH&z?QUn*P{CmaWuuHjOhQjK`ZUL0R?Bd8Smg2#zk7wQl1%z5z;((-s13ay1 zc~b%gUXV>0Z`ZZ1}(l;m$fHuFq!kx=p(f2i_*A5#bw)^m(N}8L8tz>$0^esZhLjCsdu^`EZa(}7> zIM0QXN*OH&E`FGc2UT=%l6KwjJuz$LCS&Y#ROj8h^ zAtbqcs(EQVX)+oJ6w%AatCLk!yQQBKsvTY-w;X6b5M?RtW%asv-mNse99rMh5!hHb zt>WbIzGr@E@OuI_=)Vm77;7uMs&^CaW8>(CzShGJ3wa^4vn6&`LRNy(W2S zeXfhihMupf$L_82-wz;{!!orMF zrI_`*h1+WMY5Q;n=AkOCE3Pu3J(FR)x>{mhPCidCZ=hC)w+-Dd(>J1IFq2WMfR72V zGzMJ!&v*p1y^sBtW0MTU{0?ht3vA-z;3$6n2%G#)PP>x(re%k3XMrlg!cajs=7qL$ zDj++y9;dVD@!rkrl)H_Whlw{`+h9%JGzt(bx*p+efz(X&A%w1^umqeUUbZfW^(bp% z=&A4!BTAm)x%AB2zj*uf4t_pG3^LxE=?eWrl}TJp_<%Y-QS(6*d;%oy{IP zc)VznI#+lXRdda456tSlxV8ZC^$x}zkyi3`-u~pY_rDKDdH5B}GZJTt*&sk|akEx= zH&@t?#J9^ErC|OHTw){fJ@2a1D)W7@bK`L@wq-#M4O5Cze+R>;U!mCG@kWcQ%^> z4HZlGz0opoR1YhQsP$s;)}O7{aP=~u#smmD7B83ADs_DgdDyPEc6r;*=1R2$+*_NB z_qbg91S`Q4eRo3+B^};A68%L36gxMZSnuFfQ)IzlJj(QKbyZPGMm*S;>>uMuOvH-xUwKc2KZ@*g-x#lnYs<~)9xkmZ3dMW$8q3Y|-%~{9r zJ_#FjiOuaG@v&1ksha#D(3U(6e(~6QFVm^>FT2Ttmjakt%(iENmT-|$cBw|7pb zJhgvzz5P!Xn*uKWVN1|z*tlP^q6jKq0bY;);gEc}-40hOdu$J(ot1Cf*IU^Rol$DT zQDx~hAdLNDOBUtWxKpx%4k`yXMVYFB9%dbRWJ2$6n>pOu?gwR9N1qoc-r!M>9-kyO z*z;V?1Y|<|03v`sdhV-DXyK{vN&h#8?$7Bu*tzzdA z#9-+7aA_1~A}yuBf(&{_ z9ARPAgb^eOdz0Sv@|OLDJ#%lByw;9HE5zG36`G_F*Nb;Pn|! zviNGmCVa0zf^ellT4p0~ZY;m84H!LNTRieaV1#6M$TWYmpGwVn3O#cjK=@JnQ;z?3 z%Qd>~AcH9W4+-?{ZcDzhc04B?3Zsb4q6uD=607JOsj16bnv7*;GL}{e`A7(A;x>67 zFS>fWz2jWcRLDubY<|q}J~_E&K8>axgD$TJ%GKU4N)gGiCxeYC!%~~Xb(3Ot8XkV= z849E%%r*&co)!wtigQuGm{b)8t<1Hz*O~p$?KWrl^?La zd8KakY`IHTQR@=z-Uytu&&1b`q})e`QMH1_blX9!HA5UA$8Mp|<7DIGhb^}vqRCD532!G3U zNZ+Nh!t`z6hi<+EgHt6r!D`6|`#gN=-zpnJ6(#(S0V_%sMqt~Q;#AJaT(GSqULZ$c=)caHh8FlRWuq?hq^EqUqr>EXujrR`@j zTAf&h^X)kwCMMk_K)dp584GmDmCtbT((u*nJF}+?$)etfu0WEEW@tsUevK81d2G$# z!olvEuY2Y7trTjL@9oISSldOIT;S%H;Qc)*f|fu-Bj=YwtFb5O1C8on-0yT-&We}E z&0E8z5*cLK*YRf;eGhXED+C}uy^iaDSwc${hRoKo=vaTH@4Z+i8>K1KwS$@s4RJhD zjyF)SY5m}VWbN+05TOjzhd63~lmaXYY@{OFs-b48qHfOx&y4HJJqr5n26IF|>knaB z**8eK9M(iKdO(XC)`T+Drd0XTz~z2sPjZvh zfk?Via=^nTC5_hg6KG!&1ca-=%Mw0eC_xraJ6*DK-+Z4DfF31TI^ncfdhnprHE2vI zy}73_gT?xmC{Q#zPESgL^}#66G()1~y|w0lD&QPOt-K%Y0Rf$Z@;EqilL&oSIB-;M z05?lDY>>RNiiz1nvH{HDA5q& zD4&0Yd|7ZTOZQd1z^jqSRVd6LgxE0Py+rx^@VlK+R%Y0&Uzl)589;?!f(rCM7}Hwu z-!+Z)cj~#(SJUwin2P0c@O>;+Xd#!>md#aBOLx9K)`~U$m=b7hN@N+s=4L83*<{h! z(6Q*hXJ;pZ-t$B#_OJYG(Y}5BFS=_uZRq@gDe)pvs#h@7q_kiia{D^3r5kFntJMQ z3mXL5eGgZ^Pdy%PY#lvPhB-69a?`Y2@gG3S$)X_p(3VR7TVE}%{-0SLaI=O|5d}rQ zrw+dN_Z%(m5^fo39%__v?)i;=k5IkJMPQ5X12kP}<$PLC=;@Pqxw(@imWdTRNp6ET;Z|-u-Phwe5*;_a_Z@4n`{I<pBcqu8^yHAtzV*`n=%hlh=h zv20H)jaZ*c3BV~8+AhD#o3z*J3!zsTKY8`aAJWX#v@Yg;Mu0-x&o*Zw|zt*eFd*Eo<%Suv=rR zbr#(EU8$ng`EWJmM-q>h_NKa|kT&t-%!4h-^H@tLil`maGwH^;>8X&*$}C#~OVfx8 zI-o#{RrXQH_oaQwvH4V+SBi5}{E2MD@`+oRMGk>5d(+s5NJFIWksX{T7$W^4%y+x`)jR z=8OB2t5GJI+q#7k3^V)s-{Gu^=6G?Qd18|n;+*lW60~GqX@?r#@J1o~E9Fa_JbN4; z^f#n4DeG9IiHy*gd;zxW`5#9zLsnFX3R!U?^8~}rj-&inpFEvfJirE-$JGysg_%13 zWwEqVq@Y$O9u`~CfoNF`sQiM$?O`~{&jA}~1HUL9^`roX|!{gD3W zre1R&-Z4yCxbjkoaI>SbPgdLgA(^d~UeQ$Zw)DmO8r#-C!p=r7q8jk3s_|d>?JdE_ z-?`?LK2A5V(QTL6Zkt}wdW^>1LRvl>Yn1piHHTeLzvhz(>`XJ4P(lKZaUw-kx5wT& zuJ*?BelXAxHw6;JX8%A-8_daKWzXx8C~{X+iu~YkJrmvPR4>Q}{T(|uD^z!~gjtRO zLTza>i~#H0U#{pIf$u8{i=~^3gAq>J+`3s1c*H!v?mUKs-Q0)w4-ffxM>wq7B>e1s@@0K|Hy-iqIUg>N8SGJ5}3%6)( z61a_Qd1<=V6ZLHCIhTq1A#r`}+qPHEo`uR;55B> zO2J(L)LZAb4cZj^U>cS7O*@4UX!30?qFe6uMt=!28v&ah!omkOqqSc;D@Sp1F4>Hh zvlzkSRB{yYmqqQcXOBc1~xL=T=B5t?=b=!8wZDVDE zE1mJ_Evv9m@vhW@x-Vy!j>Linto^2^wDPdrLn3=i`8(&T+vyL1G*0`)nsvc`*g;$Z zNO~MIYppb**aoH9Mlip6Wci<}1kOxI)%q1|g}ja*3LoXPheDU~>x8DXNbG%|+f8Q( zmqyIQ)F%hIG|P3*Exx*Ur>rjOny~H%{i4b|LK#LR?rF>VdJD1NzVH=cWvlon7#K>DRK*Gfvt~dM%CqzW zD zj=p+kO~xY|LdNrMnEh(~i7gcE)gPF-{jWI{b|*x_r0=Wl^mEIuGxyAjN{C7J6n~}; z4SCaPr;6>%$t6d%#Q=ZOw90g^M`bX&ZOCB>_S3vr!|LS*v!XSTX0_PO7n}uhZgS88 z_xtudN*=#8wPaS^sjvlZraiPLhixIp`$|4ef6P=tpA$vchPPmxNRM`yKb)$F8-ZHj z_P*-qa$UNfGPKCoa?2ySzkA!?2``5HYp#Lonob9>FZat-;Ej8@u)8T>+h=A_uF&c^+JuSf@4$n_9Q;r@&oo?$VTjVJ~yv5+Q;h}Q7RKC#PYI?JdJ`>P= zIat#2dGlXv!YeyBfAL)(>C zbP9tNBAqV5_PQ;1b;<4L6kOM5SK+KYd@v&Zzl@7?djz$mnxCF9Eoo8mD{-}}otF~9 zcS%Uz{YRhUVt&O8)XJ~bJ!%ZXt8%1N@_AL5iqbY<+s5A%7ps~kqGnEZfKqYu;|s@b zzvah^i`CGKd(COn@=?!NY9(r|Ds`y-UN4=d#KnHRAyiB$E=FUOZ?}d!$dLNbR^Ys= zxjfTvM=K)Do8(SMDk*Kw`QfCsz#L$KQ!Ad+IaIZ2TWQcxnH9rwSCMu1n&3k*zN73l z68E;T(6c%}e-w{YQUhzgG{g>A@F1_5l$O@Aq%xPAEuqj2wia`xz9Gbl4<5buTGwg| zWSdPOIdP?H25)n>zUnMhf(#DIRFX6>>rI5~kZ(^Ewj#zaRH2GnG0GxdfOV-7W_hgVKM?3F3zRGV&=A7RHWzU$qJWf%-Nss9!BsLGvzg*%*8bQ71)I{Ops&{dV z3~}E48ljv2V@4L{Tf4XzI#|R5gVH7y=q3=`0#rj(jj@s%aty2)bn8+T=&9mA0PGJ# z#Z?cB+-O^qVHAzOTsKCh+P#%b-?m-KF^md%%hvhVq2WP>v^EO&cgY57{RpqZ(Hs*D zKY5-Fkcyf=gqR(WyXMw5rCae7)TyG7dETPo;Q{7p&l-eD<~zX1C5?R?NiB z^uI17A;WJ%HDIfXmRxEUTWh(5@M)E4pZ|uC_$i*K9Zq<8zk!G58B``s#KS?`pgkyD z<-Y(c2bHLjGc}`xuu@992G_FRXoo}N>*KGz#|>-M)U^b63povof&UEmHN6s*406EL zn(KDPXyQ^qrQ~0fa4-c$Wk$!t`6w{T;}yCzN!5a>=(~1HQ2)uF&Ej#&Ii=Kdg#>rmUf{Sf}xwD znN9(F+&`7XaN4PV4cC|I#Nm2T-tDyHG$po63DbQ9EeFAkbdB*|;#2$VT@v5z3g30{ z`<#ydwcwnp4vw}0bzxl}t#^Z9Bs|-ZUhzgX8wQ{29&3X5_-Dz9(0M-{lAgpInD?0 zK(#3%f~|fXYRcj)YI(n2oROpu8ucp%C`19!sS3yd83c!H@!$;z32W}@XB$KW)!cWHO6zz#YaTrM%u}%~zW{GT+?pc)qW`)^~ z-{@6Bb)H=FU7t**9^-G(`%JLI75hi)$h-A1;%7k|CvHOPb?2cU-BD)Prd3iw@vV@M9_Xn}BEc1Ty z3kM~}!u+cf^Q*&O6^On7RA{(iNX5cv-fgpole_6%7njIfaPi_45Drbivuuj9nAHJY zj6C)W>y6N_a}RxxeMA*G6&O4y314T~V0RZRe3UBaViE8!0D`UXnbhm}njrGmc>x)Z zd+bQX0okHm##MViY$n-gD1#|c_S9OyG9X5UJNP%GU}0_`D@|!tQYZet)c_()^qj&Y`>X`%KD!HpG-}TV9G$Tm%4z;BCr1^d{E{!@`!yw91_x`>HGg&tsAL} z{ad=;oJR<$1Bv#|DU!0`LU=L4R8$fY66peX7->nuW#!~lec}=yAsJUFa*@mgNqUih zzz;$dn&kL<%yQwV;mBy@AK&C+s)d&Z$(Dzz$Rb9gMahl~Dv(KXa^&y zgMMN_2(QEPlzBbq!aIvLs|nat$#VnY-Un5E77bx0jb7y`P{mV0r>Pdo3<-%Q7cZn1 ze@k7^FUc{KIE!~%TlRw!uubJ*PFopAvklwL2@hRuraup>yr=^;#aP|QR}H$_g@k7qY8JSNO^B{FP5rv z$Ew-%UOx?}xOe(qvN@LxgzOcmN{20*KPo{QiGBojrX>vXCX*B0)xqfu6`l?};b;I}R|b6h zys1b{Wegv%fLNDpux$EZAS2anaIy>N$njGRptGOD`Tx<_SbL=!m^n6acJ`)uJd5*s zSNsl!OH55)BCY#0jbq2clrb-87FSH+TFk^0N+DVJ+hpQ>qS!PdS7yY)^Xs>CqQ)bn zb2UBLq}dR%y`z%ROX-u3#a9;L0V|3XBax$rnzqfCm}<1a3f;-jnDH`vhH(B(*WUu> z%GoE8jqE&_vv;t0SE18Ge$@*(_zn&{ZN~w84$b#4R{b)r?iYv~;YX*bNVL_5KhFc2 zRBGA1JDxh~|F=b6p6Ih-rKF68XbgJ+qPNvuY9pg-s06XITAH#-3t{8CH_x)+`o&nD zSkqhq3UXd9e?r;L^WqHCU&EBv)*iKD!waA?RmtccD^59$oJF%*?S(mNF1@4h=exS^ zVkN+Z->6$L^Z`i=iX+m3X|m?~(^e#X0kd7TLEmaIqGZCaUg?cUBMntx@V08tt^(X% z_iv-2PE({Wy8qFl-X({?#)kO0^6sBz$Rro@$##=ZsSOc$c#Yg66D3rIOxF%kWiOZ* zML~}w4iEYJ@vm~J65D=~WkK=I0fXL^BCOy@O;&X>q-&6`CY)nE8>neGnL4~Ha zb~?vQ-bf$I_XVr*qG|ldXN(79r0`{5UthF*l%g4%;XlX#s)|sj1U8^!rwh-f1}x$^ z{~7aU@$;nQcMS1le#MG7w`%IRXr3mk;Z)8TQxf{Ud`R^<=&+P9xZgL_&2r{{U&Eh>ASwCAYsNZ3t zZxd^?3+s6fn6Hr*5$JeN>n~^ptya^SeD13{-$Xu6d>g&EP1acVB>? zW3*ZO3A}OP|ChoVi;zQ_{G_5-?gMHBB{<6V06%e`NQkI{@vrBsh=}trvZMkwW1`H5 zf?l^RY$h=&HJyMUS%xYJcIUM1t8U4U?9-0%deVh6?G}w|jrZZKp@b~&Fx`5(bcxT^(;W^b5kPyG3|vS%=mA1 zlcY=@E!Zef7FrsYc31v>)o|^YPdbs7%BazH+UB;rn56aWe7Ep>m{(&T&$c{ytb6|B zRgXYNkn)h!5uY~0|K2Mpi)NI^rSbbk*W8qI8 zIPAWfMbpyw5zhoD)Yeo|OGDM+kwVWl8P2Q=`QLUYiT{h;>9%cKo)-O!?Lg;hyK{bi zoxO|r=~py8A6Rh$qfT?dfM`1{#Za^)dur)GZ}?YES6Et#Xz^QSOPn@&j@1}^VjKV` zSwkz)aA^6&c>^+H%I{}<%|la#s9-*8_0etvqPNBm4L*lSDL84~vzN(YkTr?qDn`kl zH#dhf0OIo=W)h#fZDvEiCQlw7o;#gFKaYo>@r6Kww`%X;w+i|SZl5nYAtY};v^-#q z?;^iS`tS7Cz32{noiewuD0)_W?WENTH5l{_A5Z$ zNnFL#^KE%G#iP2%;8~S)A-;nRLx>Qz9!J>$oq{}L*XqYC<>95vHgcNC?%93&U48Yc z?ef9Z4C0EAtk0)KJ)xUXZi(3261X$(8E3VmN87A6O`=LM=|BmeDmSUC;98o!etP1% z(6g`1K*_SM_QEUtXC)2^(2;WC6paZoxt-~fY$|2+drjtvy)qQYRI1nEtdwlzUL5g1 zI-wql|B|*8Q^OCIjJ1o{dYeX}zk7Ne`y(LS9p{wHJNYv1eWA7-gtj#6mtzvz|5n8H^oCY>ea<4V%M)+t!q0wP3{F|ak+M-RD zNzH0nH-0dp9US~78-KgkiWNVSH!-4ny=uWORJ>$%iK`RFMeZ@FKE8g17$9CeWlXJH zIVX2(WoidRO&i{QpRk8GpF1Y;?!R;j1_RS4^eVP#WuaW=oa|~xZ8ZCzv-Ils+uXm* z70M`>Rjvy6aB9I=&=wpX)}c?+AXsYfI~WDo>9v zERe4ImamOEGPciYlfS%PFjQcitq7#WE!M0gI;FGSGY{<@7eIWK^q-Qsb8Ezk{b2jC zvm$A7IWK4r@lC)-bacE}eeJd3Wc|fMMW*+#8Bs*`!-_){Cnm7zt}v3;f%$tZ8uxi0 zp{Q^u$_{)Q*}(s@tT0?KEXjo}D7uSf{>f2n7^E*-7qjucV80 zh4ZfbJ+(jotuTY~Fi3?S->N{ov0tki^u}({wib1zYXW8I>ldayQw0QJh#&LLsS6Ai z{+r}4$nAHHFrZ*7iai#F8`g*{wm8~1pQbBUBFH62M2B%?WORD)aiF3`E{?=jrA))* z^)7X0RN^^GQ{j5LUJIMocoP#7H0C}c3Qt*thpT3P*kQr)a2P#4U0m*81XY(L)%VUl z1_iOfkHz`v26iaCagv=3N)YRU26purHD7^rH15nR6qK)1!@n8g`r(Bs}j4syy_+rBo zp=(oe9TfaCmyMfjgZwYYI=^0H*P@_LGN?Cy8`o9#+UpRzbfdaOcB;F(I-H8XBQJPR zj9$SjysU;wh=cV1pzbY$;)=fQK?orUBoN#K!5spPYk&a3-7UCV;~pSD@Zb(1xVu|| zYd7u=jk`N@;rD;mY3BI0jqfnHU6q6KI*7SNWSN18aRw=q8B8}20 z77H6)qK~wqqJosx=p|AVk?>E+k7!NVVrhW%R|qnaAR%#rC?g#mS=Vh~cQ%y?PG)RC zK!Di@H7nu59`>u8XF{{O@;^1THSvjfd-l`hY^0odjhVHTj$oFiMi--0<`28(kPx|n zL1r2nhF%B_9Yu5ymPJdVMoe5;uD$`4mDdisvu zzDJ4u{=Ho&$vv>C#uqdy9b$I^*_TI-qY4e_u^<(9zg-`j;G1|#B_HpAGUvrGb8fkz zwOh_qT;yBLtp`r3}rT9!3&Fs=-pXSSpEf;c7;6eb6H?`zUTah{r@9(Ox3GhY0USOqJ-3*Dt8L{WZYlkAtf+4bZ0`;n2v$jQ zzWXa=Y6=vwsQpNBNwk#>^2{a!<@{8ReD}iVqow}$(^MN}bIp}cd1NP7$7}f}X_57= z0Xb9U>;%r%l3yixYK+IhrBwFRUG`DXgZ%z?g5F2JFrC50FLS8ls_6o0gy3U0;C)rP ze?x(7;`CqJM5qH0AQJRo%Mtw-KR16Tl2M|O3rvf&qe&VC)raolM zI=t0XRO67+-OmAtrcuTZm?Yj{C``#p41C>REOHP%ym~ zkp};Q&MXgVZsboGhKXfqOtP~vtsJ}7_at|e7%K>!9xq~D(9Q2a?OFNtTl|Wm@2Ce ztrAA8Ihk@FqYFN~eu)J$Ha0cR!*Q-0f0efFV#RIPhwaze%_rz04ED8t31@>2D`Wyq zbMjI07s0{eHC1&MyVSP7_!}b?AXWV9qrgM^MCg!egBk>y|MKn}Wnhqzj)5U8lB`qQ z_#^k&w&Og6)j$<&C7jIIV*UB=-V4T+k%3T5^5Jx3 z@Br~R(eqggC`7!`nv+mbaMw2C^8NfXEDRZ1cz_?1B)t(Fe49m1PS!!bHWpgA%_`kC zJmmT;V8MN9P=~cJ@Q2F7FU8i#+{o64jIhVtFZNrhT zJ?@27!^vOQ|KZOBsKjl`asnDk&}3qTakjzOuZV+?)pfsGmNZFI4t1=E&}n6Yuu8{j zhq+ftIqRsz7$O5^?A*NQB|jzPpf*-a5q;)Hc3f|-$dCbIY@+9r?iWy73Oro@?W(~2 z-)P!Cy$JXH|G75E({lYEAvD!s;07g0Td=37N+0YIV$y_N)Qm-aYSOegA<8$`50f;J zv#l_TQ&f<1Qc#Fu^n$PWG0T=ej5lQB@q)KLWBq%t1;q7rbuF3Ia;qs>2^kB~#jNos9=2bO zyDM|koi#85Oyq5Z&)Z#LeGt&J>GBGT|I4g)w+5=)YZth^kr*ynFk|Z%^<;vDjlCuW zF!qN2{t(Nu#jEY(zhWMh+jwlq&Qkgh|MF}aU^vy-23`A+i_Hr~`6=|OP%F|cbsQ0w z9l6~){x+{BOY|N)Cj3GifT91xkU-;kl-#0A@^QVH1K`V*$ps7EC7=JC4Ab=)$|79i z`dagmwmL5*M7Jy<%$YOQ`#NC4Wzi0yb|xGsJ@F}epE{HknSZufLs{%yEh&%zrFqA9 zJ40|QRPv2m-EB?q@o*?>hSBTQ-d1lkgGiL1b?fE^{e%5^4JLboK^Oa__2P+>^jobz zlTd9?8=|8;V$rDWWt!YlOS|)z*a{z=^Gj<%Y6|wg^_{mZi}Di2{IFPr_c~r(j|;cv zMph-m5C4ds;wRD+%g)${H(nJR?sF^qzu&HI6g?g?PNmk`%q6kVFiN-kqFgRrO!;U# zmGF-gs!ZuRTwa9h^{|7Dk+b@YWZuC2J$$~}Xkc;2a8ObnYPsy!Og)@KecbyfO&e1+ z!ZcCZ*ta`wITtI|M5gL7aDuD@!~r?!be5o06ildVtJfxDoh@(l+`{O9N#vCLnzz>} z31{i_M%pkS5;*u<@+WdBTVn{GKrsQEYcF2 z7j^qetBKgdrbBB{BWoU@3XFvw?_8Z2Epe|)PfHBlpKS2jXx|sOC96%iDq(njLGb;u16P|N z!R@g<)ROn}!jVYT{H)B@y7k1jiP#Cc(cg8-Xo@2sqUgF_GKQTUC@_bfbiW{@%WUJm zS1Y~<=8;{WiAlpfl{bx=GF5xretg($V^W4xvr0{jT-FKNcZif(FJ%n>HHn-Be`oph z8G5-09`pT6w)%_x_($r#tJfn^G(UQZOvt_4WvCjT>l8V05?{mLWHh+%OGy9AR^=*u z-C7|zyxp3>&2V$wZ=pYIK7|NAUPGCAHsumPC@CY@_d^bKHurn#tQA3=v?>6vM`TaR z{_!7)>D29t&G2(*vs12bH;0*gQkdrTSJAGd_vy{&nF|N_MuF|=r&!nGq*{M&W?GVh>oQ6 zh5sB#0n@#?`616osigcUcly3e*JVWT3!$zBz{>ByJCOS9h@(OYu$Uf5{)Ar$H^j099Ugr$2PRamCG0;ElKBp?p)UtjE! z{am!Gj`ztUGB{qfR^9?J{iU0RpdzK|Or6Um@3nW}+_*yb5D^!_dc&z>OpTWLq;UIJ zU-plYZaMhu?s1@!E9HZ&qh@THos_1R#ctkX2k&1HL`6dOn2;fM8sh~n>5b0krCEK9 z_wA>G4k-$dPdCV?X?42x=T5wk3m~z2pWcVFn2D<3$aQ6c9V&RL;TY;xit5HOxW;In zuGexs4`iD!xehEnoE&ZbIPFbx4^t63nyJ|+WN*?|)bbF$m~ddJ0$6zNuiZ+SAC?5w ztWdtOh0Ewl!@&&-KAZ0qEy%@ds@$o_lzK;-d5@|4Q<5>5bO#;diTmLQcH{?&lUHAG zvrVSMm-0)_=Z|+Bpk=pwf%&Nw^&KFBR{=s?2!9-{VIEKA#NrSv3G23k+<5*@?F$zQw7 zd*3H3VMPE!WoX#{j4-0KYpt~ER%UD!o5Dd&Zwpg}q5O4v4!8cYvB|C6gws@sG7!hJ zy+J*Whx6GvUF2NGU#UaR5xKq?DMJP({k|^t`c8;uNna1^XpC4*!-As}WB=%lK1!Adsw>xIoVEwMah%94`CWEzL{@Z?- zAcB~U^|T9#t-A%xmo?(0&y?+@&u$AfiO*deC?^?z9?>{a58eG@j9qQvq|v1$ma(oZ zBLyD@oW$V@_i{dWXXh^a7X>l)Ca#OT8Q-XTe~%n#8D5qy9bcFpiq^~tCL+b+!8AIc zd>1FPoQqsrQ3~{c8D8zD2g>!tbXClj#pU#z#^!Xx|ExIV@>2%_^*CilaaSHbSA$M2 z&6^7p1Py<6;Nk2fo_%Xd8q>k%HE|a~@WMsaM6*GgobI&in55OGwZatD`Re0@#P0Yc zckw4-vrNe2P~K$m48IQK4E!L!d|^uB>U=8~g{b8IM@o#|utm52A*1O}Ws2LhVcqs1 zlWDWF;>qS?qeYsMtBU(cK}(ZOE9w9Z2N){cGb9PAxrG__X96YzP67w6bJGB*uI+4O3^ z(yE9!`g*tATEl7WK1W$2T~Jk)fo{2)7 z&x6e^=+cH8jb(k<+6Ke${r324-b0O+9s1RBdCn>sS;JAmgNMt7$l|$+=(x09;(Ct- zOXy?lFk5kQP1Io>fHVGr5iMM@@XSYi;B`Kjzn+w9{bvue_L|2J8j>X=v7!-dG+t<{ z^YqI79ZNewlZZPG5XI8HhWjq@eAkS&1 zrO$22E+F#SG)?U3 zPy~*FxcCN2ZmL=_=Xr}+ugbam&2O^(>a*PYI*At!TD)Qv=)o}$6*p1m%w7iukJCf@ zJ-|*gIK$c-gr?zL_8ceOJ& zrF(C6*{)UclynFgk>gUB4itgm;1c1UfLI0vZja^12k(v@1kw3Ecz6>_pKCg(n%+|R zaX}e*a_n^TWo_gqfNn33%i8U%;e(#u@6;q^GRNO7Wu@L{d4HIW*#eS{WVszQP6gE- z&I4Uqq<}l???^M+QbB94^;r~~YXpm#acWm8Qudo=$R@G-K{U*2AbgA#I z>*|D_7g&%FXDw5A=WQf64D-3HAi;(zb*`G=ABQ9jk4ulUM-E7plykc;y#=j0gj$!} zZ^z~?Jh#-k;-SL@5HfuZs>b^>NZ@N-u*^4TloyysnjAwbo6Ac|ivK@!^+jJ?!_3O0jWroG*}QH)26`6OUIt z*d%Gac`L6lzgm#{w|Z{$t7t{4NK#V|lp8wz3k4+YtJ8V%GHq_$=%%)y0Lq;Eiq^*8~qcH+?EX8ru<4}57)(B+_OD1TXMiAL3J30yKjmIR8J{1Sh(Hc(dV2E&ptPO^WQpVmNPS=zL^Ga)Wa ze`6n00o07v&R5)Qh^XN5YGPtnQ7^!zWa_2|oi^~7nWhDQy+hJGU0u2vXnSbAxjnks zc$-qQUdI}Xf48t+&e9(t~(Jv}6d z>{%j%!|yp}} zX>Z&D!}~a2TFu?>KS)P-?Xv-wyjqG)PLj5b3tXLc8U)awob$?q{&)l+quhL!P-NqC zY34rly~Ka&Fszz(`o3dxvgCGIxeAc2D+aNae5oSav6iv-wmgrkYg;B#=Hue<@@9qo z`rYld>7-VA&&OA}c=H0jgTeMqdA>Md%$>{K{?6P*z46$Mejy0%YT+4Pl9Gp5m8H)+ z9SRb=Jvusa4{)eLvXvxwFj@qsuXe-*@1y4gXNDD(w3TN3_*FW!OUgc-{EaZ3D)H$F zS_G&D@t4-$~ znx}U=$yi~25}t7)1pc#|&IzQMDq^ARs+f!hi!~%ijfrgw0OFKw57p+Q zw_TGn^G05ECTe$bwzh67_j)3B*nT2>(?EWI4v@l8cbhjx+QoK9@o|+D{(AVv^0DG3 zw7dZ(-DO=$b$51vStoEKYNSei;Rm^Xfh|sob5`ek;&{_X#pD=X5Sa2-w)J)=0+1C( z0c4uz1oBiO7>}`-v?1{#FaT6~(y2XS5aJg3xz&}lRN8#oT~vFYil#S2OhR&acp!bh z0+ESqxz1q@&@X4tW~uU?sXm_UQEl5$^FxAn)*~UkPM^PDZnM4TsV_+o;D8X9(Ms6O zI*sW7YeFPvPE(Q%ARcP7p5m|Fyz29N>$*L<2M!#TY?u%ynK>S2hqm5^s*NO;Ab1=H zPc3@boYqE??^u<6tGxJgd$y=mrg83Yk~q)N36K40w`lIcp<_2_O^Tpf!_e?7y>|KV zpm{&jrNvWX6B>74A6epVw8<$bS~neGnb%Uk@K~~2*0j=hxEfu&?-%oMJeuM`4GPYW z5V#wtO|kX4y8rvC&$Es6^XSrNB#--^A55=!-f|?~FQDYed)^^<&ek&exdi(hJD&8?v?#(`RWw;>TUvZVu`793Z{M+Mhjo zQ^A2Xt`ZF|DmR%AOWSTVwI0vo9yL$@T|Q*%M$IQflkO3)<+-GxcPEpZhdu7CS)Pl| zbNh0Sit5w-3TBWD`Z@b+K5+HvEwkpXY4k4ol+I&b59*CllPk~O%0afzyl0mn6)3p= zpphNg3?_?V#4g&e;ne$WKz~Cwkebo3Tk9itvD;=pA;YPCeGt`I$&&Y?QkWSp)h%bEhC01!saPhFWIn|vJ#%`c*>I!9(^V4%x42}4q;<)t*?zj#=y z*(A2q6yh{-mLhGhC9Nr*wNH0(vlXovAg?Q3TuYkiYyJ*!Dw$-})_9!!qeS&LiXG9k z3J;?3XJ{NB0&SpgUl8OhV;37WT`pe z+;78XF9&C%|1?JE*SgmB`5iOBfQkP5EVv9%g4c4a;t-I$HYUwzQ@l+S zKcfZ_6f5~pjMX44SlQ&Ze+lzRcA9ob0wVE@!(Y^3&X^q#>m^zZ3cgi-8T@@lLZ;uA zaE!L5Z6M$^++RvK049G@XZ)oSR);H2%tIWXn2;vdFB2Rd85&7PDCA$1DY&e|%Uu+^i;)tm)s?wtO4n23UNVCkr-%RVV#mIuH7^DJ#R*|au9b{2T4i(ZAo53FSaCoy`hj-{+K11-QBjWB z6M=+iou_#%XM2t?hLV}qi?-;N$eIATrgoVg03LhK*ac) z-yq}9(1?5WXgp?|B>(le6Bt?>3GfB>cN_F+{L!PRDBxrJSXba7ozr33Q2|EF7eIMM zPWMr>Y-~qa)XPD@3uCtf{AITN{Jzn_JrR?%jzO}cP=#-i`Ie(QJs#c+jH zkTZZ{Ka;^;C-Jp`S@izeN`nRci~1U>SWYF9++n}Zw^oH}eh9pHiW&aLZ$t)n9~S=p z(%7VK575cE9FI_KJy@WR!@5%WR}R2C(x34HlEJL8vuwTbS^x$WEfIdgv$CZ$lfMmtaMnVcHT9X88Wb`%mAQvb=PdUMS*%fK?A_qtpT zwik6nB&f!zhN~7E^Sioo2fe6fW{-q9v*T3Ii- zz*TZ8h!B(!TcC!zx-J1-H{ouy0`7_5%wIgOV^PT2S~bpULr*eY($9{)+_7z)>gbok z!tfOVlxkbXE!ZR8eHs*!GNxKeI!+w_c83e93w_a(wAqHG$vOc+7xtPFUdsZNobhVe zD9s_8XO3_==G{LdX5o|-Lg@kuO0ajvhRrQp8>VW|pL`Z74&sK!5;m(df2%jpYrc@< zThI&!M+8&4I6FEzPvO9_^Ev_D3`rTPg{$>+ULKxC`l{$GMQ}f_yey6=1Q0GL>X}e9 z(XbJw3zl>ke09T_pdtQ_7c*^1eqnxML0L6D0|O&{tbO!rO^5Y*_OGnghwX{|{c6Z) z^;P{9z?HEsQ5)D%@JV6yBj5wRloXMAT@siYm5LUpY(v;c} ztsqgliZy#)3)%oA-=4^qn6Hh<;>^kmxR_ZO+Zv0iViq-`)D#u8IQ~|pEnO8G%wMNz z#(+!>BVt(HVAB`#BeT=8GN?$hw7C_C$fQqM6GG2dbU$D>fB#-Qp1qzOTimGMF#CP* z?=$7q&o2fF3ejx|K90_!xN^nBWx-q@gv^P)4OG0e(%it`1Z{2b)8UEWz#ex;hJR>R z7x{&~>@2twYRJ$0C_qZxmMLx|)TQuF0RzE*xHNY_W4w%7_{1DRJ5DGIZ@0Mr-4T#n zaB}VC6d++Qv^~MMi>HVksgRx&kEhl-USQ1FfUa+zq++H9m<9$@HIpAO9QmCdTp37V zJyp06t9Ejlp0adyBtQft)0qgOv~q;vy)4u=!yGc?8V8vc`)O*0TQfswCVF!$i)*OF==w#%6E3 zBhQ*TU_w~zkBKE62>E7v+*NR@iiS{l<+Gts@gdSuKAWR=aQ6DIt@YIP6WzIMMhl|u zG@yiIC=q2&g7!^tqPHS}ctByrjv4M!YO;Wp+N<#RF&!*dzM{fBy(hyh^`G)Q%(QbAFYYwpz#d#&As1KNE80a`S8~ZDmDOwZ%a6UF6Ba_vhJJftF zB}$)1sR(*iI4bvnZwD6-hgkOW7b=q+>Ggq#3n5$*GIUi@1`6n#vS|T z_Dp?4CsF8{8mi9P6cZ0W#tl|#VhXE}l0IlUR>>hrNaWRqY3?-<&;@^t>C2Jc{!^1W z^DcT!RY6#`pMICbI>d?BvMBW-nQtkJRz~sm>sx?3A$C0iTb|?Oajxm@71b!8_nqCv z?W2t?3XW+S_BRc6eT`+iy4CXDN^b_6uAHtC`RegZU9*BFd6xtV>zG{gwF8?r)9C7K zb3#p3&5K8`wpQlS(?KJX6X}Buhpc^pIi4b`Tv^(`ragium&a#kNUmtf3lu7Sj%>TZ z==P?vRz1ZZ>Rs}1CY88|$c z87O|euBelJjRi8Eh85MzT69!sDC&ESnO_ZJh6z67(aIZlo#`*SR*PK^XQ*0J;M@F89KWPZ;20#83UM$g5Ql}sOl z93lec3dmMn;S!^)D`45K9jlOfUlnYG6r&ikMFWu$Z!RP#^2ar0L_#iymVbY-g5-t{k@JiEQ4CFVdtv+QQ*Xd=`X<6KZmgL*4ume+pP$Li6^3j?*P^SOf_sj4E>@zQ z`A>A=GCX9k0GFm5Z{7LE-N>fJtw8{?DI%3))=-%n-7a3*BexJt+CKv>HXJD?UboK> zxKSx$vt9bGoH}$-gJhak8h9V>w?VY$IVzZg(-$Csp3Rm(zPhE8DH>zyKG$)JzK#_gLNDUfFh^TYy3Z*>+YI$fy2* z36rzws+p+;j@#VU;^!7T0R6&6-$;K48gN6Z62XUUpTkj<_qMhfzdDEK)NE49Bq|vS z&U=%fQKx2s0s^h+HUQ{*cx$W=y%gvFn5&G_bG^{&^tvSYmjCkm&uRufTwd;cl@rS` z43dR5j~dG?=QM<4fPfg4bx`6c)qP8(=)C}>y?s@KPYWU0f`GrF_*LsgD zM1c^-%q)Q^JYZxcmD-!3jq~pTQLHm?n?naZ7gK9k!H8K+bl}-1+elu{g_e8IJ3oaN z5sX$}22@y(>Zj+XY#JLH7EV334i8C|oktmgb*t1@;n2f!$=oy#cDejKHvnQ_tchNn z_|FiFP~~3p8&NMQCN?!SI$23mU0z+BRp&lDt)LTk)0CQ$GAA$36h`Sm zd@M~%IwB)?F=`*|mb6XVM{8zfA!b7r;SYfLj+s1@(aEZx^XZ3Z0lotLJZ7yV(4WJ; z-I2Z-TG|4${=GX4qSrMkxeCEoL-o?d+_Wr|RYbPu8r&&i%+RkA(vp&ZDQahb`-Sd| zwnee8c#xK&_GoxHauJuqKdh!_oHzqG8BlpK_vnX#90P#1HqRY0rOkzeIp zTK(?+ksm}t3EERL-4uTVx5W=wh4ORifU2ce`^p-K|4L1T9W1u}B82|T?WO4;?oSJr zUc95D$|U2y>W{N)Mr(Sx&v_+N1P|v*`k4#iuj5tAwMqZCMrVEo*%0FsxZ;)zQHhh)Q2v@xJtv(Bg<{s>oYhMa+AuN}@f7(7bCR`$Y z(v(^23oiC8-}#FluL>MYp|6ZVZq{X*?gD6##*(0duXz}3@svx>0{db7agUwHmUS(w z^wPG@H;i*{fkqyE;GT{Nugl&fO-Sze6#9-G7ZJRknw-UTc;7prBsr#yy79UrBlqc< zxh$pNdIo~Hh!)QRLa&J01VuU{wpH}gi$C%+(;#;5xr?1`3phC4FVBM`tnC0KLoJsf zKmAg`e!{_R0hMrY<%q!7!F^^1PN?sUz{-S!b4ULHg0lj81qU}A`ebO|27p+T-aWro z_Wl3rwW{1)s{b^B_`hqSXiC;{N12Y4bo-`jnusXM^p=W}Hb$M$d1I8@lrT^3H6Mhm zywUrzAw*Mw*z0n&OR5!r=$-HAC?G$ku^FV@WOp1EV|*_y+aO9AS3~nyPQ0(MY4(z_`W>_g7n+>M?E!m{RX{`mNMAj)?1>bn{T|-60NjIHMxO&NV-8 z9wn-?)_d5^xfICY^?1Ojo~M+GXGrGUy+2+eZp4TSGIg$Tg!}vUc~L$L+T~8|s*vFb z|7_T(v_E@FeF0d@n7QyRF(L0>A=L3v*#Q;sP=Uj=sqy=?3eEWIqpOqc$E~S*JB|&K z`^WSCUp^&A$jkuc8rn`_YDS$}eXg>YfJfFjfREAgW zAf?2jJKNT!;R3h7HI_$OmdYwgI#=zt-tv)@GF(add=`S<`s^a!AQYebQ-7P_b1SFK zJ|xCJ>$4#>^zlP{1U=&yAN6Vjs?Z;AZUvW;+3uz~OUXWJzPzCv*Vg*vu=lI&(bA~L zj>CGnmjoe+ouT;h-7DW;$5(sPnTK~7GrMWTFsGzTI5=jC=TiaHfj>*KnM&Mt7K)DW z8r9Qb`uFi#PnPE-ODcZ2FgX44dImvv4i8HYvggf}f4*=uFvWad^0?GU0%;{a+S$zT zI)+Y}?j18RVXAklgEmV5&SCB__fvlby_xr>8x(oH_3n1(xQDX3`?1Ec1>T!>ll~C> zY(cK|a@Uj9{T1PeFQLL1e_(9C3?d-J+*SvRxBnQYac zdZ-ZK?u?%d?qmi&1nY%Z;M$P{J%^`DJ303_|HWAdeA!)76}jmP#fZ%Ud<4CF(odOw z#^yCrW$}dco|h%M^^V)46T1nXcRRzh5X1!}Q@v((gOHA$_j<(5Ti?E^8&jKdup=We z>n{aL=*iumg_@7$0{zD6a!KQmCA!#7wMF1^hV1f_>_Q}pjkGj*$M9;sZrl4}aMN5n zCj?vIWEtaQ44@EC>-Kg8*~|$))S0($O}lfqM8Od0uAa+{#g(Fowf@Z+rP) z(~Qg$+qrw0RauF|$6pi=YjYdkWp)9tOZSjvYtLP;e4pY(bfHh(R;IHNU4=A+svg)i zJMRCRD2dVgz;o`X@6tY_mL-^0^9WfqXO>H@Iy92c*)Ms;6X&OMVK#Pkti)NYRp)&< zYZCx6zsV7?Z1uG4=X|Zyr3gFp@{Lv5bi{^8!%HPPIX{GOzunvm&n9rPe*L!`!NXH~ z`n^bZq+Y`Wd%*ZgD!Fs^u>8U8*m#ly2cHX93ae#bKgs*OJBz=!Z*@pEl&r}<_9uij zf1V1+dgWOIMEwDil6(Se+> z5YmssoP*pP=?KbJCvP%sWv*5r+zAdYb+R=ikaAu$?yKw~EmZ~$u1)GX$L>R)Aq^Lv z*KgGu8-wQZpxUDne-(q(uOWt1k;yF=MrOW)qtmZ$i&^e(LYRRRFUAzUH}R7PZUhjV z!+B@^kJnfAF1l$gQ{;J_8#dbZDkJ_K4!RzPW0(b`Q$8~du7&q@xk`OTovF($N_nz+ zr)zPpa}Drtx^_%{AhBwg{sFus739*UmnEl;wAAOF4~Q}jnfnhetw)Kt`6$b2}t z7%lP@HEK1VTFkPm-9hyYz2vQRY(ML2BX*r0cmCD)?bDWd4n?HxtM?fVb44`Vi)BT? zd%xs9Ga-~1y>0MCZ#0BtSCEwPc?*mza`$Xbra{c#s>e`St9vx{&rgfd!)oh!rEiU9 z+go&zl%>{`+-nrB*Jn?dj*fyEk zmw2eCV4^#Eo)_7cf%|Z=Uy|&xrOJ4DU3K%q%vIFOM(M}sY)d}yI8IMBA#_OcHhn^a zJ0kOcnq~n!$h*5r&&V{)$A?HYJvZy&-~T$K7w^9f8YF~Zgv_%l&`YkK1LS#Oo*qTK z5t1r9j`PvPL7+>jsIS^~Zriii130NaYZ?U=z78C>@%bG2P?6XVXiQOy-f;8e|R;8o6XH@JyW&= z|HcnNmxRlxSH61dpZ|!(yT`d?k4!hl9j1d%h;YsI&v#Mg^hxF5dKvblUEM9;T*ORnB7{!!!5BEdXua7z|Tb_qz3oG4&KMKPb&c)=hwpJ+@RkL4q=d%yx;gmXDJHFgKXy7sl)+ zX%Si&I!>3n17aRQ`uE!}6+vyM9cmma?@$N`I^>FPJsUeNdGB|!b8j&cBR^agr#xIY z#ze}Phb?qPfl>%xupvu0tQH`IE~RleEHF=n7Temx!8LC^b!|7`jp@&Aef+7q!Mktc z^Ci4~$!7-cp_h#s8Sn1xx;fi)L&MFncYSvIYXeBy&SrZEb(n5DaVBbyU^;usZclm*lbILT`~!G^s3daH@`(s`4U|8uym{s}BU@{!s1)59CIbwX$@xkXN;yj$0B! z%JW)}-`ZH|R(;!^nrjZt;Ys_6<6<@0k6omy*S~BC)!DV-0zv7v$N7R3)>^gQS>O>{ zmhNTW0v7<^r(KInm74S-XtzHYle$#T8zkOG`~LbN#@tXG)z-H67b$|C*EWgIW6z_P z+uy&WV;tOwd2_lB6a5>#_`;H5P387S%K<&ncoW9&4-XPS*6nwPcV=Ws1mS?QB0`V_ zN!R>TzR>BDUCS28)3YMW!jVt!sK;wRnvKHoK3bGk9Fmu}PsqC65wN5e(gkR3r5s=^ zT#Z^XTff;qK_}ktNXn_1-`sm&)IGT9lod8W+f-pVxrIM)$xW?(0NOX<0u_OEYF9#C zim6}0-61~v8KHO(`G?_cM-2F&E&~>;<<%@Eo9nxpsWxy}FoV@bD7H?kN0TAf7)F14 zWSP79ba@6D(|*$9eXIm#f{tYTZ&7{p6+~py+%@T&cKQKTUWN)U#28sh(>MY3>+Zaw z$aLhQ!=0T9S>S9OTNeaBm|VP8T3o<9c7--62_#k>jCZU~P7R6xm#OEU^VUW4v??w_ zwlA#(qj&wfj9bK!&c;o8IGzPTT!x7KBpk_s)7z)6dLIVk7bxMrZ{alIre>GyoVKqM zRLx5p>tjUy8Ai#}a=F%1#!YncmT|X|kXN6lD$r?=kw?*Ss)?X`ixpF@?MZ! z@YZVmk<AwR;g`qLx)b>e<30c?t3fB^TqWW*VyUT*xB}SMWHzd z%-K@6N2BD9jnk-{GbWe8Hrmuo*KW$mo`ZDWtDLD@lyWybuSlCW^%Y(Zs~S=q3ngaJ zh2Bee`gsllH;0nD5SHNqGKj4%hl9bK7ZMG7r3Kl&GXox{+dXjo`jSo@HLy+jo_VS1 zWZ51E-b2W5TQ+ojwA*55?DcrE?VIUxt4YGDiim*?YN4H3`y%auM}Pd^gTWaiUI zWV=h=R_|H9Ah#frK)b`C*qk~Dto7!z6XZ@d0UrJC<8Q(Su1`#Gc;Wo_8d#SMx6*Zx9 zpjX%mIZd*g;n)t3Z6lm}>oz{K)6hK>cCp5ETlOk>GxEzkSN(2KjnX9V!*T#f&v&Yz z6o7(y3Z+_FcUycOH`C4m#}h?$rnJb8;~WNm`u?inTC3I2_3Ls0dj^9}>qWT-ax*F5 zO5#1ak~<}KChN;H`b|CI58nnR)~m&&Qj#)R81Hw)2CyHf$QKFNE!yLGMTG+w>I2YY zac@6p@R;nKSW1c)tzWh|ICs&G50ftJeuevU<7j%spkujmT+4cT& zXMczBs_p0^9*M;BY!YoCB)O%=WHY>zSle<5)0rn|W=2EO+gh^|vSPScCC%r&G3&gf zmdCoJ$pQqkPI4`tW#rl%S|JzbYnd~g?!63rKj*}lQ;Lq72!E7-@QkKo zLjaK4yP5gi_-x~fd{pkBksF0uC9t0Nk6-)shW~(6y5< ztTpG{tkv&gp+AJ9hR7c#ENY}Xt8`J$NX+z!ID&#zhmk}3a2^&-L33x-4r~PB!hb*C zTcsyD5m~a>3gL`xsJ^F4qm-vpvE#t}-bVa9jWy&?&sXVatGj^Kv*Z=ciy zff4vF_ykV@&v${BPn`s?E0Pya*c32k?}0Py>BDdkU~Hd0Y>7ON8qj^x=TU%zyFmkn z`|0s|^Z!9J?nIC?_ZHzyv^Osqa6-kh*f}}ts;hzHi6ey(3t5FO?%%g^X`p-&c--?} zue{4)0@yY&)C~;{g@lBJh1=J9BK`gSMMOl%$;o44Vx**`6y#&RQfQV;p5Px*3pe0f zf5b{NX2qXHHoz=Urb`%5Fq_WTTn_pcGF0_rD{FriG85sMnh97UkH0%fe_VIxXP zN&rYCo3$lHdn2!=^=dDA07ij93j)#8AqQ;YVMQ4l7(}mSt*x#OFa7)X4~P%I!~43q zxtZ}=un`ROJon;~k2f`Qugjzg=zLXWWv>xyKYV@{YbgR7vM3wYGAk=RYf+`AaaagEaZU2`L9{O2zKqw=5n&LfBg7y zb$y+emp5j{R-`Xr4*>PzDlPn_QpHslk25*304kR4V(b1ipo~ERv@TUEJ7d}cu z!ABLo7&5d0&=u-7tYMaf>6YOliDFbJ7kNDlY>r4f(g6weQ3F^!X}Sf7!3Q}xJ#Jvr7 zf&z|@AD18QU&CN9=Y#j3wookM0%?_#Lg^0Wk_?Q_LyN6NCd<(GRd;1YC%2qXC_5i)yh8+-JoOSzljYT{VdP z#89#ie;I(*cz9#`>!pJR zFzd%OeREILS4blAj;5!1mJmdo*tf|?eFCq0e0CKE4ZkvAI*x%llD?49GBP?jwM0cl z`BIr|z;Ky00T0IdZpLAJhXAPAG^yI%-5mpuwHtIOrgt8hW%rM^dt4p_1PRtU_M zmX)-?^DZCN)~m08s@?gfAlxehtdx-?`VjO13X#3zDonM6ddcQX`Ff>#G zfu(3pmcYw94f-pCiQZ!?w^_H%7>%072o1}bWtS`@v5Sq`5+#a#*8Or&TeA)1IGKqN z&RSHRgXDqCGrOg`LA!2)3NrF1{VRDTC4Vp;x}MU`cHHB?#8C;oF`LC`dvh9`EV!O; zpGHqdNqPir$S};ZXNQO71qC15+l2?TXUD+xLL)Lo3$#t3oX7#uia5`@#0?R6Mw*O! zp&sb4oRnqkVvEw{8vjYKr-ButAQNiaIx5U8u(^U0_4ftV&CHvZe*WTgc|245ve7tF z84q;BG+_SI&f^fD!{XUwrYhnI8TC!G>MIj{MxB4Emf4EiUQ6*ubd(YgWR56+;n_4` zPAyO_Y;JDe*|8AFur;^H88MS*75PWcL(oKtcJJFR)B`eh9&&)6fup@WOGRV0&0%R}q(G@I zTgCy&@A%*mu`lQ-LwRhVh?`FT1#J=_cNYf3Cc(8$3dP1k{K_5PgOK7Kfvy&!5cK;M zLR#k$GCA`Z)^DrK8wA!W?$m|GIaj{eq`zIYFOYwFlttABy{(G#`FrARyJ5GnrC#@- zJrr+u@S*7Rk)VO1DU9oZ&8FS?Zsp9mVV}F2ack8!9UJI&>!2=|2(ME$Il#&kGXRUH z!Yok@jn;5;;|?*FOXutB?fohz$4p1JdhE&(X^s}!MUx8K+|&x>-Qj84g57P*{)xRx zoKCDyyo!Dm7%NU*vm9zqlqH)d-sHf8q^6_X@#`D@3mNI0(W4>ZY6Q?%Je2^AK6@ID zT#7su5SC<(ZWtAlTeOmbB3goapo#GZ)>)h%t+FOwv19X$8+In3qU>?HKtGAW%eG24 zScsh3!Lck7efH@WFm24&Ub)XmNWoBQw4`Z-FR_v)DwGh?tlK^PKzI+v~*8h~kebmEth=YEY1aKmYV- z_bQK*qTDdbUTpE;rUO;Dww*q#9EJvL^cpP?n^ppO)-8wZ39Q74PcXqKw>tcL9V zT%{_dtCRgD&*(0!9Ca0+#l=%nnnWp4gx#rvWKamp*9oqT`J(E-nRyY$!(t)VEfv~8 z(=EvV#uO7W{9Cr4*FFKv6_P?PCNiB#PV~Pu_mzK5_5c4~DiVUAfRuoQfP`F1j&2lb zsnH>f28q$*qD2IxhQP?tqf=T!X+|@0OoS1mrR#V6e*THyxpi)wTkpsFyk5_Eh4L5U z?)b__h0C_&6b(O=6+Q@r#M^x=4KKtGj?FRAcqr>g)0NXYs-p~-)jKHemV4^gCfhX= z(Ee2AszS=T(>(mn$zGl#WBN5xHM*8^TMpoxhM~INjBgukTSkdpQjY~bYW<4h5(#`b zeYu#$=$Tj3kr;mO;rSKkq$P5QIVR@}nZo(%eXO&xIh)^hdnq7w8}iaBKM`P@p9ZaS ztcU5}CNzuP^$q};>%Hl0H)Ougl64y}9v%hYfQ9qn5fQn8mO)8ebNV?{k%?e0FX4gr z>u#bMK-#mm{=0RMQHk1!ON4RCQG^V_^Bo*1`6{B;0&BEPqaWKv*7ed%GX6MS_p&?S z0v-f<|GV#@TO57Ws``7dbq^7C!U@{z@QkcnCy5mo=#Fk}^C5MN_-SuXesa_n+|$-m zOhXp4D&NL*cY*xezLUk5F6U%&;pKSXd8@r^1yG z+uvp}qdSstN8r$Z(obsi`(#duw-PhqqMq8>OIZ9FZn6lImA7NH?&ZMdJN zK}1C4v$L>&eB3ZpK)XpM5EZbjGEprqU%&6*sMMy!R^w*TX~9vNk(~GS?)Y)cDU!j9 zxG0@6J{k6F&f}?8gaZ9z5_;1U?O$}NysA&i7@Ipb)JsBhbZ7J?8n(MYQPkWPJ(NCW zm*3OAJ(V9xwAwFlx#mGMEtX^PS|=P^>r%>|wug}ypC>>b?JNP|EZGXO9z|{z{e?G;x=fOcaJhhHj4n^pK8gdYs1@n(R;rV|Y%4O@NkJ=WPSrF>k= z&Nr^eim^jD!UFYl|3^CrrE%-yL6dbcM2d3TFYLNGdJ#$mc>p;!^tgC_Iac*krxz8) zTztAN5fohU2%zAm@ev7?wzbeF#q^g>8*f`s#7(2^gNbR95UjugCJaN?5k%eyQjV<= zbW{b3MpTF6%}@97OqGSC!zchlFGpAkBKlVkmY0_STe|L|PM9Hftu}4V#?HE$emjjS zxgSUrXXFLK$y5AE>BlBK2mk{bMM`#cr5%dhT+S@ZheeTh?vS2(jKS}xF-EucK?czy z0j~E_YKt|LR4^en<{K~=Oy>l#B(3wEru6fwOuOpLkWt$D8=0XE` zDp}y`?h-}Ham?qDZg5s(%wRn&-8enh?db9A0`Em~NHH3$rv{*4JzW|yD;}ztJ=&h~ zj>m21*#`-gVmtG3_fpgf5MK&g+thmUa)$A1Yt#DTo_~<0{_Hm3a=N*54GR8L6m7ua zQGKAYm(+(4n{6J$9qQ83k_d01k9F4%w%Jsz ze{xuokGSbDbdOhsV`BH^hrTyIZ9;TLWe|%^8ei)gy_T;_tyD=k+P>kA)F!UVG4;m~ z^fH?3ev*loFjq%I&WE7pvU~&-6tYGoU=uxAtZg)7FFbWLd8cR~Sk2H@%<7#=5j9@& zq1z0T&Qc8!p*;+nM04qT5^~b)lkym$SU35wY0sZ4U!ycd5S7}7<09&>_?|b~dNvqi z{8R56_czqW!ob2nU(%aUow)Igp75iHbxRW*>;Zw2jn2V%*<`sxNP(P{r z13Ov$sxIy3F{@81+K)4i8+E;&;R3MQ%l52?BN8m2?v?$GjSYbEOcVEyJ|L&aOa4zK zmvk=6#ZJZ}l5sdJbKPB0PDPUq*vZl$CDpLE^=3CV`&B@Ho^lLa)BmP>80hn$93pAI zK57gRk@D03n1n6ZZOD|WU7o3uF!%hmYWAYShc#KmeZaMh^?cfJg=;vy(RZvB>{$qV zX|JlT=I!|TaOnnEGL64KXE9Zw&$yA>3!4o-Fn-@eCF##r3CT~d%82U7u6{p%rX&j8+XXlK8B-U$XN*WrNugz- z8^O72KX|7WJ{bj@IxI|WKd4NnT(Z8v;@`Q44#^#l*|KvHxo`;zR>l>H4C4sPONddEG48wynX?~ppnLSo+& z^2sfhkw{56SR%H4L+%FzLMl{|0ADE1@G0>B7B60afF8bdn4@r?q?U||1IAuZEA65cWqPm6JG7StVR@vZFKf5~U?=g&=S4v3CcbZE{@ z=2~He-|!%B>$Lxc2CGV+->Z2J2oKD5`t75d=S-JG6uM>_pbfiM+l~nUN#2&$jrj?$ z%BoH@5quawO|M-w!JGe2LM(PMCt{!6{@E~&|5Igs`x?3TgN!cofGV7IR-JKl=D)Nt zJ?7@N+(JDL&P34P1i4`xyII@s*$!cViUoZFsMsq5Q`0AEx27o*%K-u_D5%=h`D#I} zXrg+SkeK-BcF5BNBNj$0*tDXnYlUAGb*7nTq(Wi>q1NZxBMQ8w1FU}p?Pe#Knd_$c z2A_;eCwS|#jHI$IwBT-dEYYva3DJXX^A7 zAqk5c`j=}&%$RMDBN)r4+l6HgO>9pqvKGq0qSKIk8{4h>Z^$+%+>a)dir&wF2uo@p`lk3nZK@732HhKVdUlbPG>i;;j*J1vV)h=-mG5 ziFD!*VtW!bkBAs1z#|Rv)Slu(_;@3@{CB!H}CxJg&E6pkI^xARqi`4F)1n@ zN-?3mUchrt&GiTOKNgv3ych2s4c#lf7bz@@au|82CXVeBlh*vKx*A0c-{t#v@?e`8 zK26?GpQE)iT&&&_*z>NLuDP-UIciCbYqs%-73qkuBaSp07!b_pgI*HK^qaNjAb~ zRk&6Y2z|4-rmZ2>k!B%2>F0#Pl`#seFP)P&uR{cSIvb7HJ?Kk2yI=bCZYXx7-Xh-A zM^vI_dMRbD_=FH8M9^V;n6R_M!jqP;>By({SE346$Q@GB{yI~KhiIDCeVr;R3uYgH zu26e4J#qE&Qn$3!*0D;keNnFcS^zqZ5IRC8;SBb@Z#^&uilMv0$+HB ziK8@a)g+d(d6EVk?=u>j@mtV7Q?e>vk$*lDFr_K(f;39_q5$$o?L&nc`n53!@lS&S z+J0~$Wt?mmh*nIdpQP6FX{WiLQ2*aUt%*k- zZ?w9>c-4^wcf4m0sP#CF9%!4p|KtA@hP$_Oi;MfN-(9za%7k`X2}1L=dEkX{689mP zhx`)-mRroQ#SN3_MJ~A_p(gecUG8UehGv+Dn z!w=Y+Bj#<@4xK@d%8d&W`s&x+cvTI)Xg3PUKatZFUalH!x=zg(u^6Gv82dKq72EN; zsG_gPbgvwnRD{CYn{1X4w~|_zZ&Qt^&kBRmzYR9}xiu`b^0zPKjMrF1e)MCDmfiVjV{40Y|DeO}j~+#~&0)}!Z= zqJPmBE}f^>Qq@^Md6=7CGf>iBWUM^qJ&p!KzB$ct7sFg-&Y~Yc>A>K$imk>gFS7X+ z$NJ~bp974A=ZTTA0$(gFBkNmA`buc~ZvW>pK33pDi ze%Dagf63S(?2QDfo{$TF)FFBQL(E4IaXMx>L5yV%TYLw$3CR7L<|qH@Gm2YGBWOF; zYPUmn;M{ds6Ov*+Tt?~Rk#%#hh-%t5r0)@c^-;PZ6SyB z1m2+L>8!A}r+sXd&Qi=e#zof}sv|>8>tjgOr6n2Cmk&=50%)J8w!RNY8vb+$mm z2m=|{&(`jgBkR|ydH(szdXLT4efQo}tPj5kc2j&P)4NS~9JuAK4g*DmLl@IaBc*p6 zXEf(oOd?21%SN#Wk_z-VzBm0vW)z*s&d#{{u;VY9seK<92N%=dY8kY776ZpKkPQ#>*c@~r_ikq2g|&};G&y?r;t|x$t$`G>wmPtSp!zcZN1<(QO*^Gmf3%t~ zWK#S$`B|;Ie$fmf*FEx{vO>aEN+hwqt`v0MuBFqWk;V z9z`FAW@N~U`|iNzrDKmwx=-3UE~KmDlZL>RpHCeGYS)6XREHNXy4Y9{4;koKTYEqd7K&~v25-E;G*~k^jY{t(9j~qQ?`%uEQA5 ze%`iz_OQIxH8|oh;B3jL%l|V;Sd^q?~)m|7HROAXToRde}6lg1VS=bZ>Xn7 zLqk(##2@f-@RM$dv#TrY;5RARUF+&LA)oJYJK;igOz^?gl#~=eCpR}YU)u3u?^Xap zuJ&!d7cWYRi}{~-vfM@hc#wsKg`Pe+D@zkO=A1>laHm|=i=WsR2rReu0s^4oiY+&A zIDBEjG#M@aBu=eBK>+@NIY);q;`TEkng<652NLZkq+Z!_PvrnX-!fI53xz_(#KyMx zpclKlsUzx$DKA6A6j`Ln6mRm>*H%`TsHi?Rkj#amvxolY+I?pw%;Lz$HoSnQTo8z1 zdvS~vz$2)syq^upg)=tX7Nh1CyeWyV^9clCXy0Ty_pRXDfOi81Gf*?HY~cLP#%&?o zc%dTnx8~-1L`1f>w%*>va_Duv{tZ1qo}eQBKSOaZYTZCwQJaxETB)F*05}sMINrS- zGHi!Tj(o+y7-9WSreKn&fzYm(p}zn{lsBa` zqbPq{@q;OHTJ1Ncz|xFWmIyei?}tDQj^gMN^ETl*jT+!e0gZwHB{w!U*45SZ@bK{W z_lH77Ke_r!u@nf?JRl&>@BTgETV@;b;zB~I!n`TQhK3NBi5%e70iKZm3b$?B0a8wsugfidT!X3<;2Uh=`7Er#wR(1+P%+UGa;I zG~CNQuZt3?kS!I{w({I@IARh%c4!Mp8NQo2J#oZ}QEuCRUV4o-S&R2Ecd=L~yh@uo zmJbkVFF&VDAFa3-d|a0$s<}R+Pf=ZgKBqh*znZVOm*LolH#kymVRS6HR_q|i4(SFv zT_MeKNvry^U_H8+z%o2GmT>`A3@9?}ODm0?5=+{5 z%7&1H$%*I-%HC27lh~?~e(BFgOxXF~8Qg6CrNy3dwxdYta^ZfAfxwBK-RQpoa zlCjWvhxDB*Cw&)WRrS?U+Stuv+L}VJ&C&4?%njYOnHeWCU%KX1+;p|HZQcf{@Vjbx zF(@p`S~vNmZ1mA^FeWZ@CU>n7uF*0~EJ@SA=pusE-4(1V*Ex2=O`PX!)nt{K)E8qf zm>nmr=lxmrw~8s@e=aN?ZYWc8H&1Zm756i8ZdB3W;0xa$SQ$su>h#nNa`j3^X?1k> z4l#jJ_;l>kHESiI^gNewvHhpf3@^%f(YRayIUEsGDqH%p*Z@4`h^ld9jlDLT2>z1} zLmHl3_|i7q#&i@y%M6e@g~s!g89#-=^N;3JGDVc?f9l%I7*9#O4XUZQ;oiEa=X;AR z_z9j7E1Vm>dFSaukgbS0zkAV`tr0ZW%^2@UZ9pxG+;lsqq*b z^Zh%&&R(6(|9}r(Xm&iI0 zbwB^S1Sm_2z9=6f+J8QIV4#S1K_Ki`+Drlf8!UOeSX ze-`=brgxYD=k?C)_8I^awu1W1U3s|LR2+XbuiEHcSZf=H0dP`3EHvKJ@sAynA zvyBUP+NkYptn=K+Q_2cl7j?%Ae!t1xJ9otMHV*#VG5$68egRQI*8lxv3J>`1F7#|} zI3-@0M_TQK^(=S+)$2y7K&QFkJn6-P!@rVzg}u(g^?1?1nXU!LpJS}3dm2TDCm7Eg zJ#K8nJH9PV$W5uxIIzpQR-YJ7vVh$#*oMzS;el7?KPHm4Q%QR$Ti8*BOv-P@XelDi zEYK;f6t@=QwmNP(@}tlJ!ehpesO@IcZw7xq0{TSQSWnz%(JHh^Z$#eyIou_z-<;Mz zrYX^4{w;~#&5Ql8`YGr0->V{-gzsej)!YjD-$Fga|5KPv8PA?lnw@>(@QDRI*r--3 zLyQ8^|HJdqPD6`i;^-)2ZEfu#W^8O+kWUSt1xxxW`@c2bRW4XBEG)Pl#3Uq`RB5EY zo{-Sg)C^ED1T9DaCsMNEsdD6`q<){@jC~elG(GA?@p+ZglcHAT1uNBWx9Fds&}*)H z{&(~_vuEc}HR>SNlWxJ}5-%vt<$NPTBY;CZch~eyMl(f;GxfjD`9MB@{_J&kRIhSy z`T$$gZ}phreQQI+V{dS=H!;@Z?H>?u2ZL59(WYBiDq#)f_2ePj1_3=4t=)0;_xIYO z)+c*k#563XOxjmu2sxRr1o}SS*##t#@HyT44=ey*9v>a@+OCt;a$H7NxyB7RUJJNXprZdH=W1orZtQQ=&1~AS16%v`W)#m8Dy}kKe4mC89 ze6Fnp#AzwY*L3+DR`O-%Y&?{|!ul!^^qDi<@*6~pol#%pRk+l8X9rjcZtRjZQoB6LBKjmbo2vxBh5mAN2d>+PugP{4`B(Bd>o$eKYGA7Gpjl zDeu&{-?h?th7B~b=IfmEdtB@_HlunfW_;2h`@MBXBIrUjXp!AAGO#HbMI!8Z=cfzN za3!NTQ6m6`YU^#9_o@cnb(<^TEL6-eyy>-8Gd(#4jD+6$g#9rB#0{TUuU_qdv!HU* zhBs&1G>Vx{)aLN%jvGB8;||XSyCCV`A)*#kv&$FvyS7m$1K*Ra*XL2h0pvXSwV&Tg zPTg56h~O+JxPKJ?NXJ95ArW1obY=%5S>At@^}$%YS$%ZP^ZMkTOt6q7v>I~=AZv=6 z*=n>|ijT)I+UR%A<<^gVwwyC6Oaj_Dd;Ju4qTOV=Jy5i1x?06;Cy}MY3pftPPn)GG z3DHvMNu>(IAQckGR?KovnnDruWzPB_G6TPwe6hdKGGysm`=h_?= zg4C)VU)ZIUHE$>DYBxpgb~T2X%BNNH(Jp0fZuPZEdqS5_)3|-)mEc6aj-*!}tY!eP z@mQK^TrTEtws-FsNynY;9sI{DAZt#Kyl0_a^Ra9|bqT&7Z`sZ{D(tR{M+3dOaM{gz z?ga;p%bA)L>l10-zlrg#S-=wuf=LP`LLL8*-E{9^P|5$JQcs zHYr{lHG^(nC%dGzj_I$^7=up|lEP+E^f+eUu;;d#9U-%YDgOX#rWTPGPuejP^E!=` zYMx8Lj+l4nLJ;NpUtQOq3(#ah`3#QSl{cDN@#~s)K&4pzIH_ zo+-BhD4H=aL@Ic;_g1Q+n1NF{U3-f;rB&;$yEkWvT!(1?E{akVC-jKhGbQSt7kgw_ zA$4|ZLO%CyX2%?7&wWp0Dk`Frrb9BUx9z1~ZuVxO-_ZN`S0JGj$f?Y7tcO~?r6a(_=Bn&J5GlCQqm*S)B-W$u^(Ii4oA0a{3{Etq<-@xLa zz6g?fj-eRn2V>}fI1O3<7I*E8uT}&iea+jQ1`)vADbi-l@sT9-gSHR@xMGiW8&PBc zHhSpF71ttsKD$VV;<6$o&|b8_(tHREIa;){jZv#CQ(U53%{P{?dCc~)QA{F$^J7@T z5U?iglb(;vVL)GXqWB1HPgkh1 znOSpN|F4Y$#iLZ6gtsP1^{``(^YLSB284RI!cC8Sb~9LL&{B&+MG7}PZQaL*`Q%1V zQN-6qI#Y_CEDPE$PwvU*R{Rlb-bj3B80g-c-4i-{#e7f0zxEqVtuC$>yd_Ilnjs_O zYWluxsCi0two+l;(x&gXV$Iq+0Rdsyq7s)x2eq)@F$*hCHw(WhIXjzb>&2!L30;r) zsw{Srgk1&Vjo!5C&b3PKRuQ@!EpqxMxYh%pW7SwcrdKe_H79+qmY`b|L@7W`qjOa%Ncr4mNIm8tBCSTgoK)6>)O@$Z1^>%&Zj zuToMhDx<~4#m7qFCy>5vkPkbLn=}$O*g<9~q}{_`x#Xu*=ILIowmCxvrK$&&h81MM zMxwzHp1XT70jM}PD&O_fqX#M1yo#_x7|ss4b&44_CntOJYGs(+j~1I|Xi5T8hT(I# za0`2@^S4mwOB~~{s|WnfZAqWURPn2&2xeMmZTsec4$1B=#FJuUsEe0E(Rf~8$e0ec zgu+oh!;-2KeGq$n7~9`wh5Z+E^c>N?3*GFG3W#X1Kb)^hO_i*8nEdqYncdwRIlcrF za@#hj(E7oX_u$6|$0GBZ;P2wWV@Ff7&EHM^hhfE1wl*+nBQ02*dGIy(E& z$*SR&E%0*WKd0j_kXVRlqM%@_q0yivuNPWgR)&N4Mu4QgC4KZ88wWdkE)ZzKo?ONL$lNRM*m67tV>4@T)l=16J%{A{?soplcS2m%nS?-FT z&ealaHIV@&%<+!-{W3CQA)anr+H2fG#9(^3+|^gyrcZCx!8{gtuVf3|*viY_6}qd* zM1*v;RHQ1d^Qjb!3Z|j1BpSr374(_OeECmfnK3lT+c|7j{#fZql>)Xe)eEQ)j~=%l zT*P_2M&2H@noJciaf5oUw&Di(xN_Z_i@eN2Y0t7&e6}2`5`KN#c4W|8r{T6)^!T8T z?k)F4Qqucm5GIC4I$AclPnrKJV&)MA5D2}JPvf$IwOUmbG7PiJgt3FI7i;Ed)a<}9 ziOZ`^7E{M6^#cXh3PB0j5^|T@)1EW{+oJ zA*%|(Q%8r19xgGpl>{CY$`lkI8$una<<-^3C1pFw+1WN?yxT5DRmF^YsyLzyo2TkF z1gz~H|Lm7#1-QKM>^+gzf}ARL{Oy&)^YUcTou~SoUZGjh?qy5Ct?Y+oDQc30JDZrn zMDK+?u$|KNxd7XzUV8(VS!_my!XodJobTJ9BLOinF=k0lPdRs`TX_S#n`+2qJsD-X zX_tCgy_k~6+SQJVHQpcpO@;yNAoh*%#Co7Iw$yTarn<{S<)K6*^!C7i_EMO zNJqd=q+qxsmRFg+X0+hC|7rBzKl*Tw`;xEU9&jGrIwwn}OH^6D_S;6wUrM01U=&Qe zThUxVk?F#cN9H{y0ERe(q$Mh}(0|~lzBe1=af%q-|gYmqKK#52=peH6~{vXO`Fo%E^1Y)`B z{raZ!P_Y^#!1DgJ1~Lni#jMS%O`oOp1gZ?*4A%jvw~xb%E?Qn)nd)q{nuTap^sL>h zVo8P33L4G6nppwT$W}W=v-+@6`};a-W8+}nn}S6KD|p-HXcT<7wvs!v#ji!L^C=N^ zz3N$n`QuHYKIHXWEPE%q{YYWnXjjHuh}*}2z%WCJng+>a;7V_^9)Sn@4Q5UG@U$3rXB8LNx>ZQ$O@Xta9yrUF zxZQDk$YF{*4`7+zEr`3lue!P9N`l;7kuKN-&UUY2MfY#0DwB;%WU4FIX>>9;XU2|- z9Sy2Igd_IZgV1)_97M!vx`ISiRaG=+{G{na+#o$Yz22zm!J@(`Ne`TQ&XzsT2fh|{RG}<=HMJ`~&V5ZrT--3Y;ccC+wO6e5*8D71 zb&WdAaf5lD2dp7OLo#N$n0_H`rP9JLW|;yyKiE}BJd27p>r|zEMzI}BA1mI&2Z(%l zJFxB8FV_y=fz^3R_{f)ZQvYJ4Y}4aGHpQk)4JG$AgM7stKWOhI^{KMU%UUh8xF79f z7sDM@z?{Dz104Fix4rQ?;o4?^CpsYF*h$`>d%@$VuBO)I$op3q(>(l%vMC{@B7H)a z%3v<$WF8g=N;L>{ZYejGPGj&zb;}gQ zImTVoZmdL`h4XGm;zbbFv-;hINLb>LgLHD9LkcF6C4oeDhJ_Or8nk6+uR%V?tmexN z4go$#95f+j_B-5x<@7e4*<2Jfhb$a?06pf*KxMKd{^Pf0LFHz;qm`x~P0#ul?}UF4 z0lhaZbo&aFEi%;y4p68pge{4A@e!yUEkAf!CJeE4Y?5V3c-$&E|6+-+4Ch1P)kJ$I z=h(?<+=Y66BFcCDQ>n{5LCdiQgRLYU&5krdrtAxMr4%cA>jNELGKV9>f*jhIp?6N8 zLjNni@o4@J`MEDuz7h_M+Rf6^J@&l(rvxtnHCk26GHDi!OD$Hzu0V%P3GkXv4#B%) zD$ZY=jPa?HGXM`b`+>1+O(t!yfV|6o9+q?j5T|8YPD_gTEY_EOEmWUEwy!JD> z1DDn8;^=U0k~FcJL~??1h^V5=j3repAA&llO@ch8nA9C!O@-piT*B898S)}EOQ_lY z;7!rfcxjjt{W}7}oc2nq-o8y&1GSG}@|Trm;nXT7LvYY3Kcce1Y%0(Pnum?ddVW1Lm4YzDZ!ktzb+HC0%#4Eo}1qvMa*$`C|EaWU4xR}`V?1*k`GG5dLDyk zG^^pzR_ImnbzhFJwKJ~__39K|uK4@C8372zIY_xI*x}UwY9x)-=f2@tOayTw6Dv+= z80J{{fepo7v5mnHd|VOjh}HfEv0NP8&CtuIpQv$zzYo zPc0xfcIE+V5V~~2s#%y|I+(+%X%|RyQfLTQY)RW)Q$HYe-o$GNs+8kkVjqeE_}578l|U#L2LL$K9<9Z8Xcdr*f-b*!H&Z)SGo`noW|+8Q1hj|j^wR| z#%o>~wZn^?m1o&p-`3HqBBE7SGT9wFeti)O2J>~Q#ewd>O9mf=ygX~I4LLty)?+D&nSyBo-#G;2p4)?pvH5narv8z9G!weP%&GX@VLT7 z15sP^`cU3ytK}DtW4>>R8hC%DwW?7G9iN z=nr{_N;7|Mn)~Gk#7#&+0`*F~M=`@V626hE+YELYP^I+UyHj)YBVo*wfBJOCw0H+O z`;s%=(c$0V)0(Qd?959~&%Uwq*s1@(V;&MUglr{uWB=8|amK;O%ZxPi`@8tx2!zG6 zzkb+!88tG=-|iqHO?w)iCr&b0yn_FX1#0!iDY*QlR6N2J_F=YJvVL{x;Td3(qkG)! z0!o~;M!SP1Ix!%n%8q$k8+=Q}C5;PoDce|Zw8z~kWC%(E^OEvg3PoMRaRh5)Lho3A`>A% zuR$GNk_V0ATmJ6h0wD48yP3CYX_;vaF6+w+nZtJ5C-M@&I>Q`eTb+4u)Jxr1K?vDyY)aOd|SC1vr)$KLZSKmwCxON8}I^phJ8qO*;G_+uU zuht8-o?VKQe_Nke|5SS8);2>>W#UvpSI8J>;2n(1p@^eVc8lziQd8};a)K#&)%fPN+FlIKfxYG<(k)&O8%0c@Ic8zU6SXh- z69$#iDBfe&l$Bc&z%f-?&dT@u6zvZ#p4ShFYm1BNgoHk~XHyk?Q9=ZRAJga+%JtuD z>bso$7?F9uwVc-whUcYVr&|ely2^q2UYjIU5$1-4s#N?iR;5LSH&M_qm-;AM$QT-q z8qw(OetNiYUY~)NoNZhrQvK|{N^6MPc~y3;zoj9@Er`CCQ3t12?_nXRx&4F@(Ei}} zCQq2v>Kfp!dO4I>s4hifuAyqWSC(d0Kepf`6iHDMuEp9v1vt&DkxBRhwZ8ZKOxs!K z#s)N#J7a2T|G6zP+J0+dR{Fllf}lWD#P^_T&-qej%qPE z>N(Wo8zO2LyDV$oMOF(d%4l%jzqzAdVfQ@M(uaO5pEY2ejqh{QZ%~O&a^t3x&L!_n zaF`=BH68O;b(I|eM5U)87y=nJd_(gCm`s^NE;G12uevT*sn~(i72<#KT4n$Za(;us zXv?FSh#exiqi#K08rW=2aQ1l9H$s=hiMyG7|N6&qMsSvp>+wY~+oeiKAdSXc1%{eU=8zzALk$Wp%+ENahdshoqEktF;yoIg`nGWcD_x+JX^)xG)l6%!G zV}zCYlLL!<0FC7DBbb2|#LcEC3-+dC%RJ^+f{y+}6jr#StsQ}kKH+PDRlt5l{CnN3 z8Iwu{mx%d2$M4CDOtqbZ{t?~jyc&HTboP%yS>c<>GWLVYh*#m^?Zw&x6v zs2N4+$TqeFv6M2B7*}`-NcN4`bgFB_Ex1|O<-C#TcfIKehG0QK5z=Xd`_t{5c3eID zn`@i9eAT-$?l2}b;1F|s%U)}l(4E_H%y{?k-ACw=rYVK3?J<{m83q|xi`8H{7JCkC zyF`+#^S;h=D2f=~Mi7r~9LY;S(ut&bW4RF^+wTP7028WBhaj!ppUAdPy_~~SJXm$! z$4L$=Mj7UF#mCmSsY)?0CB=~mT9irtb`^e8XA!(IS52&}8FRqV0I66pwQkFxc~_vj z+z8cBRz3?~_bwobq#PN!Ia;+8bV|s2x*SJg(5l<#vsy~clfY0rr z$!I8ld@-S~rNIA|=q+pY5{uYu7RQq1Ol9=fK*!mOBeoH__J{|`(kADdX(6brK*IHX z9~?^5nv_DDkoRxnb~y*>lhOiGUv{gz(fFSLfTY6e9;xHEqo(sl(UMI)zgyA4C_;Xl zQgtlEhA#?r8bj!)q#q%lBU6$ZtP6HK(*_+1=b|#(Xn@sQ1EnIuSIKVFS552huT0EZiHaTAp z7;8QBy3%d+Yl!N3BSdaXR!z58(UJu{2NQa>I%WWUi~>|__KEerC6@yc^{>1TE{{G! z-o?voj2-xhsq29o+Uj5pMJBaxp03*Tn3`<`JdZp2sPI4$CONB9yA=_N3RkK8&Iff6 z6L)nQ7(Uc{vu{0ONtBnMD^N7#d8Z|S@f<5o3vG6`1o?pKY?nTkd4ovs9KUV^5EKG(Hj^C;0M_h3TF zwvfs(UelQa%_TEdD_#Y11%N@8n~@P&b-P$(EblJ{lTg6F0t{h;6JN$vz#l?FmLq(QJgu}Fz8(AawAoUix>Up80{ z-_Ku_M8UHt;stOpTrp?0v)2p>>4^?2UcoN4`HGFs>1ZsGW@BI4xJszS2|kDS3Yk!7 zj`#tFV5D7;R8C8c^?HkqbnR_}pZ8+=P!&dkXOm*s`WI2c94if4(AZceuP;OYH#`{% zqtVioX6)f}1;*Q)1-Y|=H*c4JwhG_hd4eCz?q82Z-rkT>VD#_ktO&Rr(mPUHl6&0m zmY~(k4z8n)p+GvY11H;Bnm|($cEb4XMo%@+cG8CaelYYTlp5L!5Xg!aKPIi&5eOea z?gdk$B3AumyElaS?i`gP9Kk{DC3hjW|? zI|(QUIkdQR_u@J>Prr!)8}}tY^zL zyAw&|X-e_W5nK>W;{r}Az@$6?p?%)a<|*xnCh_8Yx6vAh67u0N?^*QsfSLlC=t{te z{uB3`Qa&f=U3brJ14NgT0~Z@SMCVv}U0;HBj=)i7X*mVFcs!c*Qnq*a%HpSYS+%u8TNJcfdSqIqZWd0$jf1ID53AOkbySE zeNYX>m54^7HJBl5?Eb8gUlvL)bwIP=~D@+SS{b^xdam!|sBubyyeM zr(aFIXm`Mov1iR6GYtp{5Oz?Huv~JOv>?n`Xf(g||8!RDJrYv(;Cs~WIJe3<1%IWn zWmOk%ojN_o((Qv(&+c^{=#F<59!O^54z-v=9vI%ufvCIL%Gc0#nU3P8eJXbs1vhUl zxPLQG*mn?3@pVyqk}hE=4eWijUFofg4b}Tdzlh+3$$no*Z zS*)w(^n}Qf&oRHLYmVsaZNh?W@_1Ghc;NZx&#@@YOTXvm2U2twFVou}ejgKSyO5wF z$|fS7aVtU~Nebo443Mt*8!P5J(o9wxwakR*pbDa9k9uh}_FoGfttneKNbcaG4TU6X z;Rqd&8FZ{n8%EsvHUS;dN@=Y)XUgYV8bR;=NhF(e}OU>j!SVhY3aT>$`{USbu!{gT{ z3*=$;R5NFVYkCfyMrJJy`{Fkl+}-FhG)3`Qf?qUN(>Jfg`qq9aQy;hb!0go zzuu5&x`U?O$Kh&j@Mx|e!p}69ob#&?IWEHY5O)#UM*zF_TT8;j1dGxZV!w1zu;LXlKGbFVJ zk}7%|aI|-Fyn?G=^_HvkoMZ?mu7H`Dl3RYcC(;{iytEM&mDV(+PlLn5EKzZI);SPR z)VGCwBw_uUH@2U|^3owV4Skr2k0bjb95sK;S30ZK49l8Ji4)LMcVpB3SiW|sQpps4 zg}2>+oUc_<#0=h?pTS@}xIZNIO)jEf)b5YadG~5+TJEl3KOH2xhtuTpx#To>WH$D4 z(=$VXdXBEMbrA?IeOqn9YbF;~zG}=H%WSn|d6J3Rl|BjVOWNb;4Y_k5GT%4D~h z$dqBo*g8W#Y~++j!chza+b>jqVy9S@{T`DaA&TSSc>E&H5s&GY5RA~>fx&Bn;S zuT|^9ZM8G(cQ_BtWvMclp!fgFl9wmsc%uH!a-7uY2?#`g8` z?b}Cnglk65mnlh1U>l}CvO>{VyuDN1{T3;I!0%#}%OPvVI-OTaV5XmsOKTg-aSmU9 z)7Cwy`(+%oaZt?`#!ZVjI@`t+T#j1x)KMDGk>q08JYKP!NokE-R5{dUkXZV1?a^*q z-rj-YU*M8Rpem@k$^K>*!oB*lzx4PtyXvo`k zDF~t#HJA%80lt=;^m94$-#;AA*$FRTGKH^RLZXiNn6r*}50apgr7dp=1~IhPa<==$ z`k2qsmv4fPGkL$I4Q4CPbIVJg;$lvl$!Rd~KbK$O z18ni6Y`V6pgnd^%cOsP|sLuutxsE*D$4(EI>Y<%!yuZ&R&75_7$jj?yi(jr4wJaW` zVbI+8g{Kh5Zqmo6YKf)^x*AlF0nOYz6!w?B2K@He?c*xZR95Y{%q2f-PR8^S^GBrd zo0&Yhlr4=47=dsqh)yA=pQ#Kvu=$Qt^+r=+SwvsRqIft8-NSrP=0+fAs^|E3>^6yq zMS{;ea`WSsg-m@;h!1_S|1Zw&3kXWSXnsA`?au&}rKidMsVR`zFgi$qvSWFbm#?t9 z0Zz66Rmb_7{(AlhO)QNIvdL>^+deT2Dya>6RG}VO=nIfn`pse4@w-tLS1}pHQ=s&X zjmrsx%G^eNXUk`;mV~Ew3NRKfLIFRz>XuYimol1oP)fDZZp~}nmyQoCEEg)N!OZpa z(QUgn>{}(wkJ+WUxObjd?zN)6ylJ|;evcF5?9ufLr@2ExvEoqZ?rUxeCQl3WH=OK_ ze0n`&CK<;}dvL55ZGW=8yLLbB!_L@gI&aNV_8>osQ(z`BZ}}xnYk|80iIDM4Cv9t$ zL8DPZ>L4MFOp9deaph9$oQz!ZJB_?h~DDZEbV0L)LF{W`5DjoG0sGhDW6*GnU$AS;TB>rA@dq z&8yPl&`0QLXJR=EMKi)-78z^fF-CtGZ3b+1U80g0#`Wt7Lm_x$a=Nl-_}=LPAAXQ+Z^oV}M>04z*mWq)4I3 zy%WsxAte8UWke*MFnRnI*NjC8Z`IrYFO1(8gmtkZ<Kf;20BZDO4mZTDuoO=&f z`T>xVj#nfi^MFU6Sk?7*5z3bY=jzFd^n}U%N*FZa{7lYeb$^jzU$Q%@q8Ky z5+|PHP8_HJ-`cs?X7H$L$;wrnR$+yFIUzo!WoBKZNO}l1U5gi+-z(Nz+X` zSn>VT&w8fJo3cy$;?rwUq))<^0R_5UdV2<)M?iRK$}r}5l3nYL@K0Jcl?$b&)xkp! zuJCe!UKCLPRU!KLt9wa3W4p={`A{1rX(K{PX#9$X$gK&kOOIadjsT5X?sNo}&h zTOeFPL6D6xRMGacBj&MUak-Lc@S+|&k%nQ|A{!rGq!%cDnBKX?VY+R+5~s9Qt$$Hv zS)X)ER?u(&0buh(B^kjAEXV9`BpHBi_LsV)w235ogM3PWk`F+Fyd+SM$4Syv%Wq|I zA}CWE8Ic+rDe}u?IipK1%$|hQ;?H4_2;eB&kjv!(c|E7GWnjQrOI1-*85w~>t&-aM zFyU;&oIF3tz-r8w5hV=qEO7tjx9o9-ii_#{9kvrhE9L_F2aLD0z4S0X(YgzeFeW`e zIHy`zQ*=Ij3on42zZ?N+_NLH@qe7M1Spcj=aR-4~znsnL8h_LE*(YyNs^KytW5`X^WZi~JWuyhmg5 zsHu9J$H~oob#?Vz(R$!LI%gQ%tMxzm>q?xVqffycC76EBz1xn2hWVY8>ADePvgtLi z=c^+LK863u!^eM-?p@$ae~BLWM{dD{fft4dGv5 zKCov}9>#=at#Z-V$Bzc@pZju;_Lqdv?x{o@6TIidcOt$$_1!RB0(j2-rw{)3$09kO zN&NpkZUFFIG(@0BoE8T;Xu-Npt89FIr24=1N$LKPFpVPv}U?YjBkrFLe#@M4vXboHO6{WSfz^T8<&d-@|PVrvS*B=WrM7# zn`M-YK)ccNj2^9H#@=~!W7gyQ5f!_x--twuW-J?ZY@hk6Ha1L@FH2^IHcy9!hYer6 zm5Gpe{kp?oEQ{>V*qq(%qy#xG=KDVirHu73{7}boRhMhzICXO@CnC97+12-bPyy}e zx9^{>7FQwSpWgL}!G?MD%UHfNn%s2f)gzuZqLOCuy z*5Ar}s+iMe#NB)0{U-Z$EPOy`%xlr-7f(X|8N$y1Gu)xU&Kr_pyAo7Wvs+bvf2G+~ zot6I02#i9ztH@Diqbd+fR!eFs0~O-=&T7_2!Y2KqB(r=S{ne+Xc5i|50g1PhX=^^W z6`YtZjZWX@=V3<`rf+yuD)7*AoTRp}?SV>Xv12USpRi)pk48KMq|IDo0&GtVfkS_& zrUNBC&!ZMT97Hl~o21$v8hlZRoWD0)Ec|qtMH2>DyDwa0uaqu?Q_r9y2X^~DHq-XW z?Lj%8jyL7M(3^3E7~YLz_@=t9rg*fPd*#Tj^1m1&IZ4t($UJklw^2*-<@;fSN9VHh zPtEivhcG2Qx(f|Ah5+^YiDP#IS!c(Lv^3r<>i7a(@Aey?c|)@UOjK=npC$KBPBR(o ziTjGDdd5zf_ZvRyq86<0r!6^?H{vEBm&aH`rPwNuJL{)UkMO>2r$&PNs-H(t!X7tH z1{HtMO!IL3djkN+%`_(+&^pk~LFs>*8+;*7M%CG9>qCBLA*#vVu#XoPxy`E*WiZcs z5o`*)+S=X5p zBaTy2xCRFIw+mmtlQB5IAsbu1)ex8EZ`nSrfNFPqCqXVmBi91(D2Ai_-L2W_GpY9UV~%n7_08}p0-;y#fSZ$7SpC{Vo_C?b(V{bi%geJ0 z2v>J6Geu2m6H(?FqSJ2Gpy7R*WX_#9FvzvIWFV(={HHv1qp&l#a*<8 zO`4nAJy6qHz8hK>Pkrpx-Mtycc250tffwZqll=cREWt3my(~l^`I8X7e1=L<%Yu4X zIud^z^G??2vjgG}PaXYIy6dBVH5E8nT>wcER)jehkaSks*vCa;M_Hl4*RH0B=Z0H6 z9VJ-cYJZH!%2VGr)0T!XoI={Q_c8b$1I z@g+5M=#=lk`~nK|yAz@Zzpm(Rj@zq!Ve`E})wFCPK7cN(B}exw>Tu$j3cL2l*OK5h z@1U|`7&4RUMB9EG^{6ndpRN4t4~sZzc`d^CM3t6{*U}6Mp#-$cv2hGE5u}0;T#)Uc z*dM>Kh6QGfhma2mt>M=nG2b-xd*x`E*tf+@n7dC(T1sRNAGy{nsn8&_1d39Ja+ZA z;+Yn?Fltj$fyg3D%g-!J`Ljn~K;ZFu^kOL3?q#ducEXdp+kNY>X}&zqCMgNYlOxX1 zaz})4>ucc4$GvOtCaJJ>)7Ondw37<&*C|j`blH>R$HspB$HzipUiiBu&na)m>~`2; zdGzfR>Epq`WB1cT3kSSQgygS~^Ml8mHR9K9_rkkRB)(4uXLTo%$Zf1!k^@h^-jl-| zyRo{I9OxcscP#f$I|~AH2wjZgW>4_mkNPmVZODzI%Ckq@f^~pUwrzGQ`c*J`)xV28 z0(9ejsc+a4@{oHC+7B(|yD?Pv)G-Fvf;xN%d;QAP{ZUPLjtA#P6PiaK)@&h7lUNEWxGcWq#B6%k7r!eH1QJpJ_}9`s?&H<)Ef`)fYi%oe;g z5!`F{`@-%+wswE5F@AUXyjtnxeTXC%&AD)@vYO-xrNv!4waKNvw*YLJ36mbJn85aI zMi7wNik4z0$CG$KgdY9*@-{5EKgwI8=I;3DsdlBoWcZ*l%+C0v+qLVf06dheo$G7T z{7UzS_Tfk#GlD;$#V0@jq*RV%7LGO|n64B

      %nou;v@}I;ErwKMUHBq^b&A$Jt<3 z87iGn9k?jzk_o7ObJA@EhoPGTP8kubDnF|i@?YrYr)c!Qzg+`-5}|$hPz%h=@_JAR z!zJdcw>mq{^1P9VwfiK%1-$!N%S|NKptR9ia@P#4vz={pFM;}G)VF?yE!I)CGUizG zK43WwA0OWa1o!&}ANm?U3@K{`OtcH8qnS)a^X!42wM*R&^)v_&);AQMtW1H34Q;?w z9x`lJx_*{F`JqOso%<8xqoXU{hK^jGBon7YM#v2#DYbE*s<_vEct7Hz-Viyi>SB&K z?JP^CRqayjohOl!whbZ%o~;Ob+>dUuJdqI5w63{WR1c!u8xTEJ%v4K4g%TO99?YVI zYmiGkZp(w8vDWxczs+__ovblIPuSu0L*;1>k=ay?Dnna?iQ^o4#@)s7l~ubqo3i8; z#nzn-WTDi%ow-bsQQ-O~(oCmDN{x*OG>hN$c)7}GxI!qs4vGc#`MuGfemI$9R4?S+ zRCoQDgc*hmsn?KJ!Mn1UYm}W6T4}DgU9ENo8S3F-lYIRBoN%Xcww|i>1h48g*WDJG z1aobISA4Edsy;H98>DfqcwFtz)LNaJ%I{<}9eIgmIC8*SFh6j>kNZ z3)~6DuZJfX=6{H9!&lV{Sw_P&A+L2%Br>yBIu4RFGhZlEhJMYogI_aJlX?fd)iIq3 zuv%8rwkgCe;y0R)+T^Y;ge`+Wov%!tU?q3SQpqJ%CY=*cUklT2 z(Nob&RH{q0g$WS4qTbZNe8F)vbPC8|`JmFev_mw{;_J>RWGZfB&Wod#;1=r#T5+bw zXQpxY=iM@-5Ant--{Qie5_t^go1S*pPj?GYND~B>iY)ZI$3geV#1`vJj`UAQ?cf-v z^??SK9Oy3~Z1-j0+3UAPQE+%VhbkYF(hH-!!bnypz6>{ht{Xz1e@N$c|Fdm47ESej z=0t(GbFqOe%)}Slgu;;{m1~qNk;`+no@?Gh+_6}8;KPefeJwd-L5~aU<;An>#$ur3E&>zV2nrQfCsxlXZLKcALw!1pD&w!Q zTgyQw=Kn}#7wok;r_tYtghj|5CJ?hO)zpEJg5fPp>NTwy@LlQg8Elk|on9)0IeJrfM<30uIusz0I~j6dL z%Np)Og8M6tj1%d7`nmO;TXc67SPc*S+CA<~)}5pxHfs~lrRXupsUx@Nn8-TmZ34Y$k9 zpZuoV3e^)F)!f3pqyc2w?4mrhO_&oUs3C({)_ z^8kJJ<41btr1iAcNEbHjN8tdoa+>&Eb(i3mkGEj%HLuMG;hAlgr|awCinc>OCh>1} z{_r{X&v4VM8$jYs+Wx^3M))j)d#3})1UAibFEgw;&k!wI<-J9bvPGq_!z;&_V~)>4 z75d#G_fiyzCUDfF0@AXsLdZPY?!rDqa#zSE~Ji+~-ccecT>f^nWHcaX{`V?7ABF7S7f()cCP42Y3Wp z#GcS1kCzzkyk-p*8i#AAssZg@mzz0xl97#gf@x2iph3sVnI7FWpNXqm;1L$Tr}w>2 z^Cc@mjxH?#8pYZL+F#Qe^{%l9`n|Sz`dC<24$`|&UU=T0Y@|_5m~aMT^BlD*SG&vj zO^)AuUM%33Q>%4Rq2y?mQKg^gFu=7s>iOOBjAM1)i3(Yl%%+X1F$`?8NXBCH#WCDA zx1Jj0ZoP+6%qG{Zm}JQ9H2tJ=R-)C9PGX6FgV|P2yd}po9Qfd9l;ryi9ab11K6Di{ z@glPPogDyXy!jF82o#z8uIxH2SkT!s7V{FIJfCO=6d~pBkA&k!r#qj{63n626A8RR{S{j zI@zKkstA`j7c*l-*Sh%s`1Mtd%oZMoIhuF?|ZMcu614OUiT>CQY0`>tuG6X#ABWrq6`b?KtsxY zYj7aFbT%9~3OXpEha@6WJWQJoQ}Q^L6>kafYy4FuU$}L5reB+RJj74C!H8lk zk;-W+5p?0%q~H2n8v^7l&)#*`EA|!3(nJdBZm_JcI&!A5vVOIY4jhQ`tskeu{a7nu z{5gq5vTwm;vU=(&vT;dGBBs;i4%T;yL0@v1Pg|DYi@?PYd+)gP=JS2y zZfoF`NDmh)!f&V9R|iGJz+A(C4^AjFtG?}ysg24f=UFCQm>G=BIX6s%r* zIA7s0U#6=`L3g}1Wm#FNaF{r~zqEAGDDEW;d*?T2p8PPv7ib}BFT;2m9~necL=ACm zYQAzRn!2N&jJ+g(xjk7e*bpZnpD2r$Q z89alFdpGZ4L+PR}D1g`EzCN7FBZ&YFo4xK`S~MFkHjZS~c6af3-Q(tRzS!2g*kHMJ z5j!p%w*SFm({~Kl3;P5>(c!D^G^Tce9=4xF!|!($sS?1SXm=w_)HBwm$@J+tJq)(5NvBJ>t?vqW zYDs{xgWYwhysu1jobG~PX4m7%w+roSd_kv&+ACh)WiYA-${&u8t_-wd!?>=gw-c6@ zWgc0D{!giF+v9wfbGsHwAIh!JZw`~we-}x(pS^u*67A%1-g4+nQe(tK?r}WCZoReA z9$}z#D(zO>xI_k(TQ@Q??ntvbzevW6h(WVS6cMR8Xd276-#jbvcGti1*ds$oSYIN#utm=8@2XnW%%Q*?YlkMZ7h*-AVnPkgN zO|Mq-#bHuNyj`laJ>alYN8ii52@x{e_DNySaoCI%sP2_}t3Z!TNmn}RCsu%FbfvDY zo;)b;bS!l_xNNMP|HIYTqKvOY{;gaj+I#KUr+liIN`3KrlS_2^)1}FL)L4NPO!TCr zTPscFZDU0P+(Vwe)nCm!zC2g*_l=5=iHcG#rGd+dE(!|^ds^Pb5ux^sjhU3Rux?DI zbV03?-jAP|>9mf@E;%V&t@?fi%|W=yo~4;a3k^yJL2_U8*T~ojD+r2zhW|>etxtP2 z#3T0_ef%ZkZjoqg#n~jNd^#LmA%=aB_Ute}ljr)7=mvqLOO%dUy3@GZn5f>JsuSTX z*pU-5JXQ0&i%~Wr%6=7af0fe>krx`t4_i7Oj3=_1aP_YQ!LAU^Mgw_LNnkAUkgB)6KPq$*WhrT35QOY%{c`1 zD!v(`!nQAoveslwpb@+IW_F_plSo^Y@endl9n@(lI={f_Lx^bHx&O4i+~d$MAg*Hp zScI)byt^XS7=(haM;0={@k+@f~B@Rd3n|}TTeX_ zrSZXbctmt!wvypGq3+$rRHAu77uUUjd(y6Og4z#${8o(c6uKMRhx*;&$yGzzS3SEQ zK+pE8A`Ry2%9}VPd5|e^kbKR%4&AR@(@?lXiW|PIN;IP4YlE4k!@g8ZS@gLY&j#D@ z+n<~=3ZnD5(W*OI|0DrOfEliPfbKOlxbLKc&GLOay_Uv|x0-2i-0SNl?ICf$y*cq` zW?iv7(dtKkZdCWea9!%vFE-&r``3NrY3q_P_CrxO1(<^ONoh+_`sY{XrHS@6hYL+s zqh&cq`sk6;Zl%M84di4|3;bFS6I>gN0;c-fH>14X#MX`>-4~(&0iq0VD=K9qhd1*p zPac%2c{JS8==e6ODDw`d`oZbR%q-%0?Vu40eldcnR#I348|L(S%&2aEvbzT-LvUeX zG3CPa-rc3}e$l0*)^S&Bx|_$O=~7?=HfO40Xpj8RP!PuqYj+tP-9jD?WMEhbRMOp zywk4ctyQ7G3M-RvoU4Z8m(0=`5!CUt=(LV_14h+~pB)?Yry=WlMfiW1kjUZP14@sv5=sme|28@tjO zzM#4+N$_fDgcI4qg>bTV$Gu*X=Dl8?@l@}i9EK9mbIJRpm0Ku1koKOJhG7Un_q?xu zXz$+{*CybBX4O^?cLL#Scr8*+=SH0Ky)kqr#6OXV6}M(h@sC=5&=Nq|=q;DIP?IXW zu@#R_@%Q9eye6ODxRWio;$JqizVw_HFwKpNJ*aj$p@7ZOqPd)gJCPctH9NqdJjmA0 zaF};CHcdEvn%?I}S2x>tbONqMhx80duD*_?s!zU%8`q$kJ?JnIFFE5?pB_mnQ$RkQ zBaGfUFLhS~bd86;_X$@R-|$&ycLTtof5KpQD_6pASbyibq%s^Hkr`(T+9^7yXlFr zNV%-OVC`M9_O=fIo3s|e4o_{m9tmT)u2zp^El%=08~pL}3fCFU89BR4r(C6I4p#C0 z4a=*Wed~vOE}u~Y?0i(N%$ddf#&Ukwh)Wqix8_=ooWW6usxpdn);FbQ(xi>pv%EC< zwS0j@XN!fOqsBxF!RpE>(~h0p&Nm|yUi?9E7N?w^dP}~sTj{qhL54Ha7v^m#X}a?3 zrRf}FdrpTFC|hg&pA}yRSR}Fz997{C``ZpacS}0mwBRk;Rq-Yauc2}@S zo4ShXA>yB-xhcZ%S)BTQ61RAadZ|se8+V)J9s^S~OIGaa1x%Y{XU;UDiViodFp~M7 z3Z9ZZpCTp`<2b7%Exi;h)Iz=X2<~^^FLpBo#jC3pyPYitsD(?s@b9leV|kb}P*hz1 zbk*4R#c_m@HmzfNL}Hfl;6PMsY{{c^QIzH}qMUqtfy@+*5i`crfsTs$av51yRn$sO z4ug=y7icQ7N>xE5Pre>Jfj%2KFh5@f85pBjsy2#J!p_Rh&N7Dl;$XD6m)8@1QIrPP#>5}O*A0*Ox2RNAx)ocJDdTu9c%iO3O} z6t5~!GecP*&J+`aAwN!)eP~)|R|!Ctj_~6T@Z<5ht*s1qiCgPmB zt0Zb4tQSwlg|2n?Hmx^#rJfeW-cxT5ldw8Xlm{SY|LkfSEfuZQP21ZXOrE&SeJ5+E zcDP}<+B!?ZT0!VPz4SLgv ztJDG^9r5;o%khpk(Y3M|pGwE^^!@BGXDYJUdd*jtBiN98UQ;=ccfV;10nw3+LSF>B zgU?5e<7y5$%;qPB)@EO7)(_wF^Ks$U(4R(9HI{qcewBq+x?Z&BnVic)YK4PqrkE;K zIV4(XWEqxoYF@)#@ZU#&gX=Dd-)M3Zj=87qytr*rr?vpwQZ+v0%Tsi%ckl0Y-oFgA zvwsi&lGfz@x=w>Y*1^j)IqDStkl9@&S+R8}ZWpqq?=H!)J)0%U42FdNoXO{FKVaMx8*r9ksf8!JCsewZU}qM3Px6%gH#S0rn$N{~Cm;nMG#OHO^b974)_Ntd2p zv-v%b+;t{wG=2t6n$Bt>Vb~pJ=P+ewElI#mH?i1U6sgUne_s*WeKDxHX$ce6(3mmZ zT>LD;rfcMWvD*l`Xw6gviQmuhC5Bb=rL0Q7o9LbQQxU47R_Wb-?p1eNFGg z^%0td()6u2Ud*7a!=HKS#=^rhLSyLsLTl0*9{m*q>1&SulbB8_nQdJvMX{~aCrauE3=b&^bgq)Oz1*5$ zbIFOulaP>*G9G(1>AAMbT2No&yBNg5keJtsQ%OLtYC9Y|__-xAO1T|fMg|Ot z1Jl<$4fLF;*0lA_9*bUhy6i0(!^?)P5=Nsrz3@{@%lM8Q%$&~CguMov8u-BXBH1Ol zu?m8j96RRvzgt&HK*|+%R827^U5${0Rn0DOAn>PX%zCA1#|dFCoi16Q&k$0s#54C_ zqb>G`V1gkI?@(a3Ee|(q+B$qdPI$J}zb``aQs9pa!)}EmmL2gyz^U44EtM&FHjnY! zu;&zd4=yFzsWq1IQ7lSHJOfCrsh5N7+8}a*m4iLq@gZ(PFZkk)meC6j&0Dmdt~-qi zg3~;_YpdTChR5ZKF1TU=H~6FG+-FI1yUa9@ms&UypZV&OOK;|-9KOC(F)=Hu7n{j( zIhRh-ZkRoDxAnSjM!^i%7CJt&(XX@Wc*5EvC5mU^1iVHAU!mQHZ9hB_WQ&&8SJqX! z!tkArgyAH3*;dzcP|(vSLO5&Rfd#3=7nTmDh%s}9-Ug-AgZ8Suz+0Do!R2lr_tL%1 zSUvh?X}sV|V}<@a@dx0EU)YFcCK5)jd2U9c6c)2G6c$Y7pD_i0$t(8!R$8UarcKmU zr%3ZISL78y5g$b4_|b4iOaG)uZDIbs6W&}bN z&ZLjL74lEVkT7Sl+qH;>rVYGJH!$;xL0&v@yF#s8|LfqRv4Cico)4<#memok?O$k3 zy=}2OwV%pag_&@dXjBPg5?I?Hs=P6E*pv-D-m4cXO z2_^AJAho1Pw}%&9Un{S@ z5CV#gn-=x17mcGLyT0vbB+qhimW!dvPLj=YhiUteDIo|Tc4GKTB50bcWrs{cc}_DBA`NY2d;>fEPF(}Wmld~uze@; zN>Rza`XiPaO}!#by)0P-eLTN2s(4aQl=c8-8%-eASA~lk`lzin!x!0SU(&TZNQXBG zFz8d8OdlG#9$(K}$1>Zo_Pa)OLLU3@ckd$Go(oBO?Qdidi0*QdTrs1Z`VYI2@Zl$@ zW;+>iFe)1@qMe*`y6*m>eE9rKx8ySlm+jBJj$nD&`q<4cEgX`u#yDc@EStd9$V?`p zvk~bPmgwEYyml`F#p%dnYU$ntbm}UXY$z6FsFUKnph`d*eGL*If^G%{eu?W()y{^L zk6X>Z5T$*m{ZytOdZ~@_Rfz9)pvR=u)kwBn{M?Kq5)SwqoiiJPw+;kJ+T%AR4j8*LJnQq^8H}9a9Y& zY>OI+e6aKn4>0&?gl=?n5yL|}MQIRHuYUqjCD{isxa8yejVwfjFDK#X=qf2^q1{qJ zamwP@Vj!;EPf}n^|3-hS%Gi)-W@Eb8KJD$1FONkzpcjV4VAko&<&_v+QEn#F!U$9z z_Y;GU9w9w6^er|+Y;>HvUEwOtT?)i&wO)h43ESo(=m%W3v?~`AF^E!HTk1$4=83tz z?ZIRyMUxacLsoTHn?LoW`;vr2Bd+J{5+8wvLZa7x#|~4qJopsAh3>p0oO(kkFNO@z#eSEj%&A{{+umTRpvC3uT{X+^Ve z4I!0X-o(1%S0Pr!JS5a>>afD_wy|tmp&ls^!xocX5KL{IhE5Ou%(G=LD*S2!uhvgL zx`I^T(CF0Vdd2+`A=WNI`6bC$gX2WeclWrV%ecW_LBpMsAG^cXj4KVtew}(bpY-H* z{K|HQe~Mv1ZnO;bLALw#iGTY17Y1)B85en!ho+BzG*@fDI8Tcyr~>0 z#YZp90*~A*@A&iwVk=6)VHs;TyCy$;1e<4%@-OC=0?iT8`0Vy|PVS%*Z3Cyd)-lT4 z5-hgy(w0lEKUB=Y$d^myt`Ftoyem62;rex3&jK-Ad-`9AEl$L2sS2B~98g1T%irxv5EQB(i7YBv;K~juY0b#~Jd|&O$)^l13tVm4^L%wCN`3OMu1?Y@&2}udAB;HuWvKpeR_JScA*OCJ&s$i_BfWrZ+aA-7c*1S5G_PWX)I8%+kf2t6a{(gHu4$P z*KE_)?j{fY(-RCSB9sB_mJul0-{bFUrH3EcnB5MEPm=+^caG?ruS(H7xjwZ-*te{f{GVdrVKlv)&#!@kPTVs{3lHgF@s{+>7Uy3~5pcMK#0Fb7`z zP+EjUC@TBw6p+toVT>SM8poPF4`=CN{@X|Q{{cDY`&HSKlb$!EOzf2}6b+rcqV6~p zh1`BMiCGqd`G9T|Q=NG#NzD&l=1z60?;?E3%h+ zL;T)a-Swa^XSp(JFf9=8XoYcmM~LSTknVk;K1CP@jW%d714C(&OiR+ z8lAW!xfargo@Wxa>JS#SC!%lL$J^e=uC*Dxv)FUKF`}8ml);{=+hFj6ErVuMEd}}M zLFW#mV|;@jja2go9Exe=GFsqz1TqZ*M0>z7K0Hq^P~s&ng(oR-6lCZU57EFv|5yz6zpiqCgC@Uioh}tIqUgLvyQ`$S0|6ln80_e-Hx;=nY*fWANm z0o#ER?T`!^Ik>=RK-5(Lvbdf?5JbXBRg`xvP1|i?=T`!AsY;5JB=V3RQ-VaCy;W4M zp8(Q-908mNTLw&dVul2gRwS+f@5n8!e|4R4#%WZub+=NI*}7^#9CI;?uy@kb^?9v) z;-Vqtis!#FPzj%Zf?RUUAtbKVGqqX`u5UL(+>6aQW`byG=n!$+cLjX_LYT&%xN@x3T^ZA!oYEq;`bs#>2NDrw=0tx9%; z`F7YClTx6Hz`Yz@Db7isuEICfzJhO`3kqFgqw!6{KarKhA=g>-)I5BLsDt8OxUO3h z5dHUC{AQr3GF4((NuKUCZq=dWtEQyXr&GahhG##XZ~<$&8?8M+OckZUtw@X&P?Z$A z2R+E=4nH@FLo&e7;)scIrDvi`R*XuA3^3>jvI@GL)RJ%bv2K}rq&@+8vMY4rK8+-irzPV&^mNq7RC>gnw`)Zzgh#<9GG zCvSXwH!}tFu_*Evg>wxO&W(PcTi7UMHn6u+#&v##T_Zt2-<|*_grCo@YCmQp@Wk#|+WM7U|hjKprn%yH7p^R0s5um8KxlN6ny&qd|N9PP{PU_in$PF3}1-AwWylq1QqG=L#Mb z7Z8%3DKTg@SEv}*v~?rbW1%R z0|Bu=vja}@M!~?=uZ8aV5Uql}_pk4gPD-YMRlwHo&->(8TGMk=#wr5kWj=;OF?K7y z9QH&9BVC*qpc94CPea#KwT=m09)HP4b=~bO^)GR)CZs*NHe1$?luK^`5*M{`NT_2mE<%IbJb}b^y zgTYF^2mF?B!{r0Zt=F!%0$7*n5HV@kbul{kVPE^#kfpjlc6&SKB!4?dPCbR;Nu8K*Q92 z)4L`Y+vq$-JBu-ktYa-YpT_m#oNIhTQmkD3ra`f_CO8?`xL5C-9$?Ko8SJB;y~z&E zQ{UM~U4z&xo=xLC2E+qo$0BBa^fHm3UMmtK{<4A(AXpbz>iOOp>?m#>Xj0*r0fuzT zDF)E|nA%DocsUTx!@lotlsO*zskOdS+hcN!LZtQO!qvpm((bhL@;5k7_w!vAovR*K zb9CElmR#eDE8TUeI5|bys4kMUt900`M(_Bq7XfW;h49Iqm2IV;6diW=oSW6&Bq&p_ z#WB4h4CeplRWOnKP|F@*OoeRrd&2#6*r*o)J4`N4qcv^ncV@aUF~iRIjn`%Ch$o|4 zb;3E*qR%ze3lJ~lbah#fL*ZwT9oP?jLk5nd5Bh=^BKR6CbtN-IjUWW&w!=jg_SD^3 zmTtCMSY3;xI0zrdsKztK@s&yIgG^?*dER-GSfLgAzNW$!%bc;0>1TP`6-Bv_gt{O{ zt~{aOFC*o0nXJ@0BbF~iMpMVMyj2>1vzdI&c*pzDQnEMHZiaR2DiedPm2k5;x0F6G zmT-FOb-UYC&ztxbVrYn}Tg}~Sej9l}PRv!Y+kkT*C^m7@C$dzvsFES`^e+VQHy-f& z7r5Ysm&OrGE90crS!}TOw0#?$8Cz($PcW!czO)_pmcdMMb{(_w;jYvg9rWS_i~UU* zZ1KLVb}Bnzy<<8i=pwBi%X&ibkYr)AebKxh0)#sntED48&k-^Paazn^p=;a*ujBg^ z%pKO4-N_PN>)Z3<#D+V}m~pH0*`xj&@84FN$5cE}G4A^vcWVi*#CN#Sr%FTdJ)v!1 z?tX9ZEnT-j3q1|Qg8Sp$@qvbn{}+h*6W4nMdN)GtO0BG>erzSW6XLaKyx)K&E|^~x zjI+qe27Zhqu7i5cH54;LY)sB$*E;IWd@bBMn>I4s1Dj=F6 zkp`##{s<*Atd(xdww{~rTGtwwquC@T-cNP)-WI!*fu5R_w6YGOsHzGl`0b9QacXPD z<#Ue}`E`gLd9IussS)!D^Vqn3NFM@=oGvKYgW4_8)8)!nUx2WAl8l=%`#|JC8B3|K zZUepR*Ytn+BmmK()2NbUd(N}po?OF?f9xe?L>8jJ5PXn_fezF02wkE?_pnb;qM<jV`{W;8jc&lJyHAs+!6AXFs7xeu1r}j6F9sW5Ucw*R&^VPK%SRLr% z;g%0plU`T&>3u1c^MxDbf4QyFW*H_9ZeG&6o-g$%&R1JV*zcthPf3^QgO&Ng{Q~K? z#A35(AJvO9&(&Sm-N73lh^L=0ys<=EP^@W{*z!g5Y3J*y1)Nd1Y>JtK5=!_M1+bSX zFCQFyMgw~k4C-;~J4pLc^(hkI^Po{7<7+Lkm#aUOGJqQCKk1Id2>kx*@MB^z&S7aE zAT4>$uIWI&`>yL!W^!W!x36L>8iQOUhY_EpLQKhYryn934OIU1+oAZ^D}`c9LH2@1 z?~k9vOVkF1+|CE~g2uz4QM(g*sXz=8EM>?GI4c3ienz3#eoUg+`Gcq?fIV~-k_j@| zk$Q(Uff&YECD$ZYUOcSJr{a^f?O1dt5_dajsfiy4&QNd>$K-yO3E#1QcpaKlD^T_cqS#fhW8Q0nx2G zWgM}~f__w59R0`KFR$Y}SCnR$X9f^qN4fxtr>-X?kLlc)aaU5}-bUi1EX^xgE+ct~ zMpR^%=J{*hE>3)$w2l;2`U2r9wy0uEjy$>B*+{`|I)cOX2^sr3rXUT_?{@YmGsNyq z&XCI$wuKSpXUec3Lcig6B5G<~s|t3yyyB`C*OiewMwf?Eekwq( zS%)8`1}a&ZA-R1nUs$A*n`0aw8&570q{&UhM?GF}Fh}-#Vnm}Uj#;lek_{ok?60C5%571#cXt%W^rRl}as}}inC&wRlgv@CdIzp$-6KF40e9~7rfVsD8T^R@pm`xM9;%aK zbpm#al}9{4B%+hlZv&lD$_o56-@Q`IDNY>A9QP^bnRQgNxy?}_(_`$P)^j|rJ{R0N z{EF7Vp>L9_iz(u?&C7knDhPf*M}=ucNH|g7JAXIj(q_gWMjk^OXEQ`{bX#o*v*np{ zOl_zPpum`3LPRj?i=SNAKE|Ia6o0S<3abuoJd>k*gXJ6}w7cUZe*k@O>TaZY$Sr#G zl$6V0DBw^E!)&Q!R*Uh@I;WXrbMEp&`cpdvR)wj}8L3;Q=IrJ1oj_DLy^~G{~vGIZM%daH&-a_N8oI&qf zm)S3Se!KW1!Y`#&9QI`9a(M1kIorN5K_wA~1#Rt$zjo>{6s|W`RT4E@F>QU!!hdOI zB&w#M;1TEJ>24e(iV|~;039Hix?YoY&qQU>xCv{c&w@5=N@&2^!z>7`u>YNs)2Uk%wH z0aE5vbCcdzzhf9#%p4s+}0&yk5sPl=<~J4nCUTMvZO zK$;OyeU}%((^w@wRo&?p8~1Hdjah%}3SLMI6f_uXUXR#Sb-=s_nbuoTM4nKy(=Y?d zc~9a>n3Xqs_`x%kU#eBNNir+E6UvJOvWx?y6If5D5A+hhb{DSNtDuGpY*yNy(KAQn zq1wqRf-(h!6(~?iX5BA417ebM&l8%a%sZ#E32Lo1Dm*Tt`tgO(LS_4K#LZXXDI^mQ z<3Z8K_)22`9S&iNF%6YIT#u6o52*gIF?t|LdU-6lAx6d>tl?rjoRZEZ^@E~3r1Fl_ z>tYx$DB7HMVykvwpTmu9IHNQQqBUKww-`Wt*KHk6i5XJZr%G6!mN)+)MD)eUjSB}J#U&Mb;b=vC2Z~)XyM8c+Uo5-G%fnEuf8bXEtSA(?x+G) zNU{5&*-!FZDuFp?{8BTQXv^dm;f?+hAvBuER_FJ;DI0PXh83QFFHV2;z#PR~wMEm0 z(wD}H6vfslbHjM$h~LeZ>n_2PS~l(*S++4asV^FA=k3R$v+M$W+Dq0?XHuw0>4)qi zwk}Q+D|W?BcHMboz;OS;Sp6G)rTgY0WwTE>yT%N=X|A=g7V>aZTQ-yvhy^gc6j31^ zoM+EBP9|=rpv9j%&GqG?Gk606?R8(KdDDqfm#m-QMQshIoblEo_zu(e2R~xA?jFd&8K((CkT)iDP1il+;CL}%bnqBVm5uQL%#cx>H zE^h6mBp+SY;oIxc_k3&wc9cQdq&jis*Jc&3>@H}MYKCExEA{XV7dzbU zQ?BKo>DaJ{Qa)Jk`7)FU1PENS|6i0IKh)!S8VzKgO4e+o%eSekGZcwHmY_PGEoQddhuOoOy|4wKZNRy3*+y zH9mvxZy_2{b&Yc1*pTTWJJIT_qB@11aBW7X{Wi}ix$v)@1>dNyMJRw(rp&cthsX+i zM~`aJiCb13tQ1d1OPG}mM0+?Qf$HN?}AECOECJb{8qVY>8{d{hkK;w8S6!IeF>QA1zv_yFf#$` zycitOESWXEqqLdIIyR4~Z@cZtTmJ?5sTh;|GR-xJHrB3n_00fs{WnL)kA*PA!D+ns zsKjI^FM(vZJ$eSRUc_eD?ACT{)_#C^rn^&8-A;uBrA};YxeH6d{Heci1m|l_$-K%S z*6WO|G5PHJd|llYBn}Xs?;f9LX>W6n-}m)~m6es?#AowVqPkc2z6)JilrbPe)p_Hw z!>T$=`EFFMWb>*GZJ_(%Y(ADR;iu|%|6osA98gqZTvB?=44W6shSy%$ow%-t;ccg} zLbxRO!!f#An3}4uZrGs+bpob<2A40`@N##_^LI`^awUyTZ`Mq5X&jaa{Toi3ZJ)HY zO_HH__3)Gt(>38#B}i$PJ4U~CM{Z+@!i-VW>qlGBGEc^+vc z6La>6jZ(ya;Pa^|AX7%&+5}Pfwass>{F(Kpwz^AtBj=E#aBBw#ZHGt8Df!G)5B(`w z2?U_$}MIC}Nc7iM_=Ly`p)ZDex8tNyi08`fVP@i%z|AfzrAr``w?q zp<|%uUL4mrqO7@cU>qeyBr*)f$i1s9w9KlkF#3|$N{Wy;NLjsNv>9Ajxc-Aw#OL<~ zt9JX^L$*&fu^Xw%KfTZM8~xg$_bv$FyH}N_etivK(3GuK`RsMkb&VoSsSeif2u~cb z&Xx}A&B%}Ys#7HZ{WiSub3ma#%OGjsRdo6^B`xKafS>mBQw6PeSmFT!w&46B6@f zaTUQ(ls>ndeWnQD^kTH)JuaWCrkwo|v)1E@b~hRrGn@iBCm)$tcZ7Z1$NZ})+5#8I zFRcFvI*;^e)VAc0?tSO#>Tp^JH)yM?ts~$du*k&gSTce%M1Wn0ja@BVkly0(Unh*-e#vX^q<&y%m_CjNe$t@C|9z2pnG2o7X#45k1rT z6aJTSj7>yc(t+pxTA5>J6IB6;3~gk)QsrJhX*RCPN@?Bpc_3Jnw1yDnlR^ZIoI4ON zJ(WIGAG6|?&kiKq^KR~8s8rh@|N{D~t*#IUBh<*q zg(;T=Vgy7Jfyyw*akt!e_+QmjwTJDAA2wyk+?PDAED9v*wnxNbRLj8iTHOI5?Glir zV9=}=Sh-76JPmjw(Q`iSOEyyKgx3bTU?&0SaM)9&=a)3;A# zh#8s@N_+kfE(VYcd(8h~Bftgfna(Vwd+DTJ0Ams@ECFQWF?>tI5 zPtpML7XHnXf6*sdZUm{(x|7K}yk)Jj;fJdTxhgpDO66Zj}t43T8`0UCuhp!6Ih?JPbynB>dB zXCt6#vv9ql0XoyB#RI&PxP8CCv!PF(X67s3mjBTD5tHVS^=b@`rYSKR^1_-ghYb)^ zBTm@H)8(I{4|ReAS~d2*VW)&@k zcg}(T+gH{%H*wyTa+SsMzb7If0t^jkL-n7c_akME59E2zfI5v&TFyGu<{$98g%M@I zI{+R0w=n)cw07W^K#XfofOJIs|JC-t?Djo6kOlmo*LduSl_4_*thMyFJpXTg_EEX- z5&VY>0wVqTJ9;5-Vr?4WmFy60oW`GD?+D?0j@<)HA-csA;73v<^3{$|$j>ijs-`s3 ze^|$|)?mVgP9&-Fqw!FMx1pG+xeejRJ3{LE9&Y7~i-MwCJ9K|jBtQYde7E?kKEwKF zThuh|+vCTVBb{|TvP8WOM&ziI?W$RlTo)P2y6MZsXF8%N{8iVRvM2PT^R5je}d`_+w1-tI3E zI}SQH|0G-fH3CqXaI8oye?H%c)IaLxm)jhhzlb_H^}US-TKrP>(Yo(Fs|rHawtm;S z?n15aAK5*C;(W{3EMaaNJsTPW=_-H+3Q;irSjX>B%!3;unx}t7Y#XH?g|>FI6F>#a z2b(e=b_Zw~X6>mjN`JIgGDgv7MtGg*#}xs7)y-@;qw3dVp{r1HM2Fyj`xzslf@V9J zK7t-X#``9rxhL<3CRns$;yWfEAN^LebHYfX$qTf>_{AsFLFPM+w$FxcOfMe?mtXNQX>E5TZ%oswOII5rAC&ZE_D~YRg*evS z5=UlFr9b+{2;3v1#7;G$X1Mm3_2u~h@)g3PduWNn(?X~hF&9$d8eln&2GJsx*bNDwks6J{B=7uySh)(nwc#8C zP>v6jx%`KnJyyuH0fo^~RUE*84F#l%3%R!?ERH}KJ`+Nj`ofg%dIvi3{JtiKt?lU} z(gpA1wXtu$N#nJG5OZjkEdYZhC@TZZ-@CKli_n~{x?a7zaO zOHJUhuHt4H(XCFRwZRdCCQIfs-u5gu>H-L*n>%|T~4#n1oAYiTKfC6)Z0Co7)z^7sqgd<1Vi zM>_kV(0B<9mAqCC%sA{`F16f0`K>jrE^VH$Kyvfe6zIJO&;EYsajG}xne#O z)8eLoX8VOXzwYATp{ap-1{!fWY81IU@8MkFsa{d)aU&gR>+5{w=^BIK$8s&|h^ z956ZA`-Ib!-H(kW#tA&m|3rbmE2maC0>+r3CsYpm5^q|zrGTOtB%lu=<;HVcP3W)W z37wS8QV*Bv^^EGt{hs+4_HyA%6?YfgG&)FdL(ARwLF@?TouA%%{piVqL4ygEm2)I5 zBnajKBk>29`xk3dn(nm^B|@d=@4*tzY`3rmoY5@)i6Zm!p(Ss^bejCkx3}U;O*iMw zXNV1konhn;#IEa6n<~0jU96TA75fW}>c72@79jZUm!t|Jtaq6ru+XdpjNPk6zN%Sg zXX2Fq zBPDUQ=!^0`l}skF31LbH!H8KfS8R3B$Ni%ZYQPgT*1AtiYa02=U=hE$l1jG4U_WB; z^g6j(OTf-mxhy1A95|Ft{y@b1-F+&pl6m(4|HPe3&0~u6_X_iJTPG3kLFM^tC^v7Z z{%|($h16-9?ousKB@gq$xQTNla13Z{$QX6u5O6&O7Avr%fmV%BLhyeFj!lCFuCJ1M zXh-OP^*}Min1LQB+1g;q@b{1p-qev!P_lgi(LF8;qR!wU>9jVb3{5aCuuUx~P;LP% zAbN8hya>!2ZfQnqj*?2sN>- zVTbTF8h5(PA<2d3c<;LWE?$;Q1Z}OcQrETQ{dtVH_mtJb=!?%uOie9bH<4v=ZY9z{ zQzZoRnMBxtoivocBbr27tWq zK&6I!%JN$vCGUD7{j~QnS^jxDu9@3KvZKu2A6RY|44vhJ$?C?Orw zN-1#s7q&?8=xsD_CV&sY{3ZK%=@b2|BmiF&NZqt;_ z4A;fpw^NZqzsRkw3mhYT`nNcnFN18m_dJt(+K7*jwcUtlY{;oScyIO_mXVG7__u5D z7I2@j|ET8hl3cuRZ|slsHc9zZt!EQDbsv4XVCc%xY>~Nmzq0WA-DIDu*_4DcqQuh+ zgGZbtmmzz!qlp~*_2MyCK{nM8e^nOOgU&tK@2vi{H`@k)MgV{h=-i=%`T%;Qy?Q%Y z!G|*(ikljzUR(DM!nWUCDKnh1oBmg3zOIG=6pXR;tez#9X;4q0FlDWzh2QLS06n<$ANENpaJ&+-5jDn$)dwR)}OTsP%ijlHHZ?j_lS~lV!k5OH3ah^YKm-XsN`- zW3M_IT!cYkch@o5xGA-c`?^r@zNN9C$Bf zy$)b^+iKzF7Iy7SB(Y4QLrXb4?#i9>TSd{Mi~N0fK*BBEpkYplt~UC8JOvTfIKa(* zEKU4CSmSW8QKq1DNCcBa^ec(Q2-v=web#(^F{MeR?|wgG_5fRfrgUqclvoytFWPu* zN{l?wI?4Ge#qT9OnV8|L*0?SiKD8cQ+xK~o2umiTXEh+cF&$92OM5}q&ko`ncUnM~ z*bVERV8=M;&5A-0Vk@OJQv~9=C9=MoKh2MA{W}IVpne*2O6(-QC^YgS!QHcXxMp5AN;~90EZ$1W(e7y!YID&ewgrN9PBl z24wG5Rcq=qpIIfqZnfFq+-AV@di@jo!$@7E?3c&wOrPC#Itf~p!GIcK%l(txUmIoa z=a+o)!HF7;Y&Y+C?mysJd|}Lb&v>;xtK&J`66@0m)XLJPX-i|V z-v__7BahGVAH$x7F%r+_OZVl{$R(CJ3<$|$*Q06P*5^~+O{@u>F8SRLf z#=eaY0m(CZWCwI2B1dz#NEb2jA5Ve&YNd))`PUM1GEn@CmTmBOZCKBj;{J&GUbKGP zjonmw_!{Lup08&0T@AXQM_uYK)LyGkxzzeIH|l9)y)B4e;0pKnW-UJ&#b#Jtyq=joPyI^VR@Y z|Nq%_XM`;9*l5iu+7u+y>-6QeSS2w5YO*2tLf5dUVpTFYo>}m z*lG##vs!X-if@BCu}U2uFeb18;`RSFldUAyik!H23R>{nKxh`*b>E=*wFH#R z5nQu^HQ9lhE}>6f7G!}cT_x?^SGk8-Olpz5%@AEm-5{uN@cTtN=zqzVflk9qh1^yq zxBPYU`ep6d(%CFLP>m`@KFHV^R;T8t{&0!2XI9RE6US0;Bl+D}CVvia>9#<>Wz|GG zzxUdhg8IoELg_IDlW7B>jV5fhJ9iR{?+UOUDxr zz@tK?i$hA@yd~x1AxGC6NEAtpR80eT4DljNij?#b%o2>mJb&lE{>cu zERglC0*oF2xnixQT!ROYnQ}e+0?q-yH}_0j1rk>{pFfr`sY&Gfe(2X%jPt6r3ylnHG?4P6mF{{|6U=o`0AT= zcK7~9mftT}b^^!FKC``Q1LLuKetF%=SQCXZDeP6#w)IOW=-Cyp0Eh+fZlSV$0g@3@ zGczQC>)V20Qr=g>{atGHB2DyP2y3ZX88m6g8X_fOX9F;x-r2$iZ5#rj!`wKM!_ph7 z_cwMBWIhE*wyDi*K$Ot5qo3{a6SR$I>Zm;bUyT>Q{}cQn{owcRUod^m5*X$i76G|} z_D|4|B59$>-o2|OtF9EwYpZ_HssjJQ`y*WUK~7!JUFCBDZ|W`ChEMy44yu{n0sactC$MUJ>W=X|;`wRJu|{!JK|M9W%C} z1G`eVB0O`xAxnkw3cdNWm7wbU^0bLW^!L737uFuLTQz9F!$1P)8woe?1LD7UCjWxw z%CCimant+E>=#T=6>&@6#Km8c*?K|2lwK+8@IHafKbMyolpSGl*b$QWzQ?{KZMR3} zq_n21cFwdWn~6DH>^5VN2JU~ezOTYsGE4dlTo}oHNcXfQ1slU3@DY2ozA9mOlrY3^ z?nkppSB)&%&w|BySTuFQb$>=TKRlEk{6FkWs=8#OQrJ_P|cv(dM_9h=IqL z2nEX4>i>@x+OI$rud0L_9Ll9V{NO;?LS3ywOJd=8>6DN=c-VYl$*NxVXcyGI{Q8u; zQ2^Yub0IRRKJ1iJQGLFN@@_;}qDKFs&FkWnNu=j0`4^!pT1X-x@EqYb#g&yr82}O= zJ6H02Jx+tT=h-m87yaTW{7;=gU#}n;f5u?>>Qb)|zgYi#zZe zB|LKJlmj^|NvgBaUCJM|b3$an50yZFBMjgSEujjas@1(d&sux`F4C@PSuyv-nc4DM zN<@;cQY&nv)x<-d9JAWxHB}*UDy1ci#!e8EGXG+R ze}vLmv7%<451Id{p6=9vZz5c5{B2me(x%iiO^{y8+pgHjW3G{&c8ZN928lZ6wq>4A z<4G`g@;a;ye@R&?=1iQ0fVmy* zt04BYw>owtKNa>96uTLo*q7mT3x-Xty@SbfO!|{t;@_)eOvxfP02Hig2CfZXaV5s3 z`o~N-4#jAvx_gMxf3Kj7^|A3xlQj*%=A}8h%h_$E`h+Ko3|E9jEh?lQXPcP6V??M+ zNegwB8KlOGUfA5)`qo$&Pl0qxGSIH4<&cu&oiH9=?s9fi>(3ST6jtJI=J++B&txZEH})4znraUM#%8^g?Cq)XGM2X{v6B15^OS*{`# zNY}%IG4HRLLRCA8@LV^&b|$-MuiQtKm!jkt&C77>X8oaQH8rC9_<3j{I@~Nn!5~si z3(gzC2uo)$o3*ms&Rsr({>LlY*=P^# zWk>hV?AetFj ztp9NcKW(phuZ=WWS|nzma65}NqKeiH5CG$eS(LuJE8h2>*e1P?I|WPYItLQLX*q6p zzW)+~E*j7Ra*7&urFG=;PZ8z(>hLtq&L^pbNF2D6+TuqNlo`JpKAV;dIZye7ybGT z6wN|rwKF`ow=hZOG{baDU#~guqmG!DMP5mt7BN}uAj^z%Cyt(tD{wZIa)+4I6q84e zh=qg`%5sBYs9r!G;QSfk6>1RC$&e+Gh!aA0!2Ie6XNvG}0T-?(B7Y4A>|LB!64;-5 zyn$E47&aWQn%Ybn*YRRPRYn{nMz|P=R=gG>-cRI7N=h}=dy}$QMJ$us{n=k%lV~PH zCrQ8X$i>*WuTn>@eIaN}s2C zR^CItuwgg>CAR9|_sA17Lni*Xb7O31rO8>;)W{WM_a>z|lyY3E+4W6~Zod4gaY~AO zD^)B+Q2*j_+s)2)H&IRk#ryXSjOX`(vOtstQ(Zz)H;x^5?TPD-Wzl8IZDMA3-TxRb zb;wbkmnDuV4U2CCfK8!Alz?j67IgDIjjYZe1AAWB!le|u*%?kI)@UxfS_!y4A9>78k21b}+juS~wM^rwbD`!#oKHAd2oH6HV_XtuaNx$CmN<~`Ag#G|1Ve0s* zL+TRUie;;4_MCwY!F21Ncs0@`%EDnXbufd4i)U=8+BMoGiWMo;C8`zW>XfAL>8Z`q zD~4lGPU*NGRY=gOb-g-h45vs+MU|Bx7o7lGN=z|Oi<76N#RaI7T>ej#%#r1Ek1bhC3Xe{eUa_3S8*qZ2($2O3-r-nWwqB*L3KrG4aeV?Y&bSvMC<}~;g-Oak3a(to)fJ< zAchqTr&{0OL3G)-p!hQyqj?y3fAibMk4gC}27=GEVz40>RHt3dlsn;p$cb4~qdON)7 zF@HFk)`oxQ-(UD*&oV36wn6&t;BH2DM1^Tkt1MN_Erf-1)X-H4x5RlcQ;&x0LiW?_ zTll|^kEwV~u-ZyEkiS~lvW%(xNl#-(GFlu`7J^)KQB@Y}Q#vIMh3_h*(fcJQIoFaU z(^4C>dz)nC6jkU&C-V;c^x$8VCHeMZXRO?7D{mb5;R@wSCCg|SZFLM=W3uVAZlf8a z-$qo?=6G#v9ykQQ$Tp7OBV;btr0URd0 zk{-OWrtg2-(6wmKOi<2X1MbwwbPCvY~Rkw*Z!Mzq;W>mme|Z9SR~ z{+!jxx!1(scGr{rQ<9L=wuQfQkUbiFo`>A?SeH>CFu+I;F7UM1KKfxr>m-`w@5T*Q z9kCB0N}u4Fz7*rh=er(a8g@d&zGH+-N0n0v_<)IQYiROj-Sxnu@~f4ksIBj~JITRW z45n+8B$MA<{Uv-l6ai-bM5(=40L1`+jJ~lRDhgqy@DGu|% zsuI_$9J#BI*FG8c<+nftC!sUiKdWOvd6Ftye(OI;ym|}O_KVBy+VMEFkg`dIOb|*` z86>}j?i}b#mv=w&4)i2WbtO>* z^)P_51VY7-ZhNPNUZAK9n+^onDv%+G#{EE9CJzq?{2e?CX7-C0zrKD|K1E`+ zvta}a5jDzpMpFjQ&Km=Id+{1Mt<>g@HUKd^f5#4WvCaC!ozd^@q>EEpdG3}i{g_29 z*SC^AbPZ;{F6=TVz>NsxMWZU1WZTsPXF(Z;n^C~q!aCLlZoA!=*N;>@hHjE24^pnI zBvM?DSYNL60*oG~cc@fBm- z_8A~7UFP?2HjqL95S~fjLFaK7%_TO)+Da|3YEwt!$g}M$g5d}ihFxFq^DtU@+viC1 zCtQVeQQ*W5ucu4+M$QzjNc0#?Lx8Jw*jn1gx&F`vREaVqM?%$>7J%ejih1a$jIYTzJxr9;Vvmsa4&!2m6GO%`u%y4GLJpGBUNJ)UT( za&?ssFh43%`ZNJn|9JCaHKzF^@XR9kI%UI;Q_($;R}>C zfyCPj9~QQ$wmnB(`_3=_{`2Xm^X^;s^$sC^=d?9GJ=-@rV>`O};N8U1^mwEiqA@;f z@cF*2;SYa5l{x#t)x`P8WW?;dO_Y0K;)@YyxtdZI9nHZ@UFe=%p*j%jNOZ`#50rcbv{lMvR)HwcT8HyZS3YJ?grgBgN0d+8u0ra0T@D zMJUp9%FZ74Re<56&{JUjcxrQmBd-n*i|hVqkGw{C67%jFevPt>23#E+|EQa_pDHxQ zsT0i*vtDUN29lPDed0{oU#(x9OAp{i6@Q>iw&%U(0orcqp){c}CemPl5zK#%YQaL# z7LYL}I0zqeVByWMA*vzZk7OW$5#)c2%ryLk;jG@lAK|0C%0q=TA^MRRaDy4Y4P~*p02>BZu+l86)C$=4FU6KfCr3l{&UndNP|$K_1q#eFzK2o|D7!F zQmr7z=a8T%M3d)tjGqF)Q_q>zV!qCl{^J;wdyNYo^7R_x&iv?en?blZ(x zcedcSUC{-*p6sD-PWzy|FZiR3QgU8NC%vMeuBR3cvw|f_PTiR?67-(vYj~Z>sZCQL zL?ffMcGfb|w-XZ5GJ_0~FsG4Z5%_((66I=IiJpxyDG-+{RhlsVMRe-mc6^}kYw0qZ zLw_GHc}-^_DF+9GKp$~mbLvYVBm*WW6VC=7IOi%#hT0~BnYruJ!g1#ahoKvky#Zws zYZNV3*du}bJ$L-0ErIOaM&7qx9zr4y^CkS~pomB6dkU9D?QRru&x@FcHFOl1T-=`{ z`-X)l{I7zpZ+klc8qn^%(*5?%T7j2SecK}+8TI7ZKEs|ld~&?Wo1qNq;j%Zo^U1la zJ)8HQ%)|ZsXlXmI>#{Gq|7L)p%j$n56si{t9Eyz;&;*<*%}mJpAct-KfGj*n(lkTf^1Kaa9Lefx`&%A{xI6E zwdKk6+znL*5JU{GXJ@sYc=2U?hnoI{0UCB_!()CTd1R}wXq(|R!ICS@6Vmo}yxro7 z9mY|2G90;{M=zz*=d_>6Uhk{vNWFznLsH*ha~T`!kWqgHEe;j@3X{!l*rqOsCy*d< z=<0Ob<7&d@xuChe4^bvhV4>+~7H02Bzs;uHW0dZgHSay^*H8l49^)g{zuN6aT?!~Z z>bsmMLEK;=tG4BZw>fb2grGooXLn+4`;mM*T518C3`?=d5#UyRgmtmSUiOGcXL}hd-PTlv*A5qV@ZJNpeitpR;HPM%wFSWL4V`pa?$hEmY zrxmU~j=6n3SrvxuY_r?f$J`q9*pm_e;yuDCNBXT1AT;De_2eIy9h@0R%yz9&j+Com zjt|7bJUoz$g>`*S9G{2RRFe6ESAe%(vcLG{_y+G^m})xrgW3 zL}u;*wox6kj-&rGt<)?7Iwgon%dNhwtL=-q7=mOygk!;771@Yn=BL-!$u%bup~2av z^)53D2g&)fVG#}92oh(WL8;ANhfr%~$6#C|nJ)xizTz7=;diG-PIW`5mz5aPpB&3> z<*&@M7ZEZD?_}X^L>n1<*_n&;5fPoanw>T0O#Jzt1`V{a!Tz0Koe&ZF#9A4;_^ewE zaT0v>!yjg!XIx^ZGX<=VNh<-L0&gN!W9c(_?Zzv2zhrm3x_t_T6Tb4{u`=hhQ=DG4 z@ZmQEP92^!dOYOiV z;J%+ZYRg&RJtt))sZd+t+lWED+4_>9fg-{1TK_ZO8H( zAXc~}7G{+sn+P;%+4yd=%Vr)SMB~8KG6lGj_)$z)1HSOBC9Byu-7z+;shAtxubtxr!@!zds-5b)K0@2ed!0^>VHH7-(bPk=-RL zE=($C>-r`kg#SomLig!;HF4gNWGTW1ZkBEa#d&M7(EQ!B9jnTPBHk^CN*;|vZ=`%h zW9uw(xpjL)7-ffoEj4-5l@U!M?Z;o=BAV)Ko`Q-gmo2x_u7Zl1FIEt=9g@0%1i-@2 z!0WvM0U9$PY=#?0x)ixV8X>AQ7v8}hA;t#-MWHoDy6q)$Fn2+>)|3KA&nl?M_B$wh zZ&xIdx_W~6;*{YGD=VA~E>evH`3UvW3@d?o<|c)Tx9F=MPa{XJ{B`MG*&sk*gH@N`TA9$<;B+MzrW;1n5`b z4vm+35=J%i{2XToCWGV>Pnoi0x>E8^TrRSL3p^gZCW1m6Pj|kW>+hwsMA&U$K3;$I z;~C2`ASunBDiQ^2l;58xbkO4J1YyiQ(}$Y9Z>3w+smr5l*m44Di`U^xjxJ=hE{$j$;S zE`?00&t!3#EHO0AP4Nn;OxI5|_~?8eXjaQ%%p>Z= z49|lR6+WGi6qYM#rW~82>rc|&H6o)1D#+R8XUWJ~nRT}LLNJk~9vu*(X;6G)46H#y zlGUZj$iZLxM-}b9GBi5hPf_#+Aq;+iT==8b6$r>6{160T+US+7-4}^LlP0m6lK9zF z@re-Lc^dZ@oF|XPN4+@zdg^!?F z>f0I~sld~9zd*z0SuLC}ekapK9&hm8#^}dtM8iiU{hPugn(&6L*I$l{?Wl?N%xiXd{g}<0h>&Rqw z6w1j(?!TNu)_G=axem>Vf1XL9&QyLxrLMgZs@_UfGR^Q30}ccksAD`KbyqpMERR6CH0dE@z&ekap*4itj!u`? z+2t1vH8V32)znp58@^WMnf=|uSBdw9)5~l*`r8j)Zwc0-iZI;U3}Fui01!!%2S}0r z*=m@7lBM9czd?cU?!*eJr=z1HChcs7l~XXWlQh>>Lfqs`a`wq+d{O^97zpC0NPYsx z`$D_h>VDoWP^%4MjLz6|w7tFGwn^P-l7cd^fxLUzX0q}41hftW0Wg8NAT-wHd+E3khkSCP>}l9B!NhBl25hmvzpQ! zD!P}&gw#ve0`1&-Zw#1OQ%uo895X09!`aZt|cD6%V3qj8N$+kM{- zmMI)FxLkj^Ez+rx-(xiE(^$8gX_bhTLA4Ydkm&Z?Oen~X*?2!7chOTYRn*t9-@W-0 z$-I1fxRUHN@29wqFI?mn5@&YL2a=L>`lwQq?(0qWnzRU24_=*5!9wb}s|FM(UTVSx zKK%CDlxM$VW8bgKnZipXU;IE#-<2)>9R!QZMrIZxtghvwO5YwWI+eN5_{{OsOZKnX z_4)|xCwO8dDO`bVW2et0 z!)FWas(xoY<-BY@3!<<*2)Gv7Er$GhaD(@88^WK9VSSOw^7e z!^6+emIWDg_SrK6yflZ2SFC^)jr@$u=#&#$1urO_+6ot9!{ zm7_8ee1!^|F-sYe&R)+8M^klr55B`z%#)0QV`Y|sH>X6?QAS3_S4>#d6c=fO{Ox7` z-n`=~2!4g+BTfdD!oE{cLy}fB=1V9Id(u8V(-Eg&m0n+_XD|J|qhCvy5X0*z7QDQz z0~7EYnVWl~G*>D2o;$O&7l}DqCBv?;?Cj#Au*@b|ai$-tgM0N#dF#_)5M)eE4fDF- zmhv4Hc?i4_R6b@cIrs5>D&hNeWqQ8h&8@kWoq>_1F*=xXlhCN0o_FR#JL-7c&nx^& zGsk$`?2ZJohb1?U6}3HWNmae%WQ92CRg}Y{(z^>gI|B>-AH#!;kSYe$)#ZD4-j}G_ zsrZG*B*;hxhkyfUp$dD7~K z4v&TYYCREv?-u9eqE6ruN&K0*)5Le?AfFqb0(*%sUjnPEzuVZj0AoWc`#!>L@B1Tu zVI$E)f#rpOQ6f4dRLl|q$6=L2#)L7EfcAC4l6ZUyp|vr_BwVI?iEbhsG$U&eH?%(z zI(Ro{=_3wZ@=<=J7B|vJT)!A@I4TS!vL}Yt*(%yr03SaOKK_11%~=LJuw=tZ2m97a zXe4xis~?}qJT)%F#KqUSp(X%9pCr;Kz#MCQ`7Uvd*kY8DS_8t#(rO2JW}H^Pq|O(L zU#7DyNkZDhq&KDDT`#Qcv59SloY^7Fx|VlpfJ=Bo!58vgg#R*-0RTW%CK0?aJysw~ zEdStyEH8yz-!^Fkk`dk(VWFN_{IyJ^$ouNk-6KN1{yM10F$<>Khn8(CoD|@9^K0sZ zvsH}J%KbRzql$&2Tx61`C1l;yt0o~{TPrZ7Aso4k2{9qKyL@l~GIPX5JVW?iM@ zjD5>1>>!OiN(Dql4n`?DtKt;VPR`L~b~By~Xn(6ytKM3DDa@k^`c|eP0?qCkXJc0p z`T8t-Qht;67Bdf++OdCMFa=<(#N`BPpp)R7QeugeU1z~oQZFq}(bT`zO0lpz)7s}3 z@xD4bq;^GwsL&ZKNrP3&9WXGcRrh?8tCwzUO*f|@~M5~=}W zX#%ThhoI3T9hqlacWGPS)AR_`!>8LReWQj?}nHgn=liSFIc%7 z7k0SMYmIS0c-<<(RK=ki=P#rj&8?TeIr49M13Fwk>!tjYhMx@q7BIIRwRwT~CokF0 zK^@qh!^JP1zHKvmD#VSm(cEVbO->hfzYbX_Ud^p32stFVz6_mU*9q%6iF~Y^;UW7k zq+tiEjyBoFPeeAw-6h3lN+)8?`r)GV^fmRd-8#-fyo4i|e92=}wJQLe5qGUPctbEC z_%t0Fr2RiZ1^~AS?->10DDVaxdjf$v`sC>mfi=H0jp^4@H6c2~#VD>RW_nobj~j`= z0edvYECBXpI_M7$2@~ChzC@xr^`e0W3&_mOCicYI=u;^|kWU<`_XpYF`KrMe#l)9f zkCV?#^qVFC$oNDkb+&T7k#^e2cb_4P!)Vy=f8#djCRh9?g7pn4eM7@feju35W!&ku zIWZCs1T%W6jWNMR4OCB5RE^sY)!SV$OOawMW3nZ|y*cS_JsdNFt6$@$`~UsfQ-h3* z`;vaWc3b*reM|`OzLHG!R8^G(ZHmL!mtI~2h^`Qgl-RzzzmbW3UMX$q?z}4V&D+KR z06Utv&fgu1?*)3K$FcyEAKePf3Xm0FprJaR1E}8Nd$47hnJxEm;44q77o4GI_Bf$#DJN|V9!SbxK|;wzw100OFz za7A=~--P5Y5M~|9LHz%l2;ZkBspvhp112QOo{;y z9avmkoSBK|B$5|KylQ@_VIZ4(vzZ8eYd)L%YZUGid4hqGqPDU;1x!Qu=HyG9wqCKM z3xzQ_1y2ibbyw1vKF}%g?^{29TBz7)oIK+DQuLW!hx)KVla^3M($pDcCf9MRI~!-j zSk3L%^|>AMe9kr6(rCOs$kO4TTd`i_MKrbw;S_ z%x+~oMKSB}E(=XNIIaW;znH$XC=J0x!0JXq6mwG) z6qMQNx$sQ{Yj}usP-XF5T`v)2XlD0JbZ)~(DPhwGbP&d$ zgnzxh!b{_dy4}>CnZ#*fp?%eCd=3>7s3k_nvH8Prpus2Ef7qZRKu~{}Of9CNrzi8U zH?uyr8dZ*yTGr?>SGZWihdCbe5RKQNlp%WqQHq$8uL6ak)*=9!c4R}>qhq7<{R%1Y zh0kGJk1_Yi+iGg)r^c5N z&2jbo4r^HbrmlMFOcO=3dwieMMM||IRkJ7Z4vqlBZj?rzC1m}<7QO41DA+kB%#R?x|yu?C-B4( z@_0EAr9YgmJBK2Bz?s#IuFof}j69V30oMRhDt%K#b5O+`z(i=Lm6sUygbZlxP<^hV z!`Ai>VKjc}K^&u`wo5*k?1+>>FxYIb-&{p6Z!QaM7jj zx2g8UZl%<*4iVwcgZs8Q0j1S5sRGl64r5{tr`WO&m2yIKTU@Ns6rM%$a8ngSQCx21 z-wnh%lVyYJ9x}$cLuF@bB24Vo!$+F051n|!D899-HU(`diKwVuuO~@lHGJ82cv@7h%1XHf& z<5a7Xp(=>Bz0>=xyN}?lhrQ zKk?EF+h2Ieh!zCwzwk@tirGdaPlkhAvo+0kxuR z9EGQ-7FAbEa2(#~t1mm=hN!HRrd2Tgua}6azT~;8G#r6hq3y+XX53tc!z7kKB(QNP zgC%AhqImdgpZ8j|<0+95Jz%XHo#H-_urVS}y0Wo5Yt!8)$e{V8s?$aG`drEe|NvKA4^M=-sVn&38SdZ?3RBoH{8{DUd>06ny>!?V~SaCZpvgqZRQj zZ<3;<^+Z#LHC(87ZB!?FGg_*0o#w=e@6XxS@CdwNyB$MevB>EG>dCHO16~~c@3pie zF#D*qDozJ?J@#hbOMBMxb%M%quvCPJ<9FaOq?tP@lMB(VY8EMGGrA1d6U7jYXARmf zZPApX5_P^aS!|@|VH=E8#|=#ZiQ=!=(Lw^#f%e(e!`e=}Ee| ziZ`7o;PSp&2%rCUx^A%3c-D!YVGX~*`K8AZ@An516YN}rw!1Q|s8ojBF0<9;3z+K^ zr1-U}D_lO;=k?L|gK0#MZ9=nfWbt%_UZ0VCZ*J756P=XNxMGBL?JAwtkO|AHh{9mV zlN{G+<>fx5t&G7riTJ7vh+kVmmj}Ho3m$POJCjK?pphuX+ToGx zN1QQ)aSJCk{jjn%_}j^w+vZMm_Z>pEE(nlSz|0TfOSU$s<=wcweBgZdy;vy&^)|xo zNy}1y9EWzoIA;dyX24>fhLW@fed6gr#a2XC8lj56)x@20<(VH7CnOg~xiaL3hdhU- zF|Ns-;WUl2hg@4i#XR0ytTwSopLqY6IACtMV?2{LyXJyAz2|V$zU@?f#ds`dM9Uv= z9ApB!LU|CZ-AMo4L6o`PnYRPA$2+m&17zyd$q=)+oN)){9zxx?QCE9?&nGT`)1*4L zMN1_`U(3>X=qVx7cuPt(JhZ4=%Sozuh)zzX4^3=Oy_csssqLbTkwT&YTOb=7F~NnO zcGEqc`Dq~;HleMqSo8)jAQpACC;F4gji*|PtM(7cG&a+mZN_jC96=VhI;ClwT&rdLkdJ`btiIO?r5Sj zS7SD;l2c0dXljtNVh$C&d_3HBh3V6c;rKox=q4n3JUQyI@s80b-&l{?DjVGS(Bm#O zg|i9Gz0Eu;nN>!hR+p7w-uF|1Jl@|3jyFN+7w+z`)z>dysG z`9`1R(TuRYt`Z_1Ut6ylG(=!x*LNqqOqI2+>ZJq$`BTgw9vRZA798AEL{6hoFGu6p zj_5GMzdaRO=@r2FqHmPu;DLsGzGXc^^r9Iz!}Moug8P?$Nyz|rV@wAKu?wwT8Oi34 z@JMOXY0u)6*`}sOvZgil6y!NBzP%F;P90f9htEfv_Rs^bG$uP{lOy`n(og!=xP}wF zKC!NQ%qH9PSY$wOne}a4wmME+P&-M-SX7R2i0h3N~7cKYPFzA`$W(8))IuVPF- zI}_awY8@w>Ukowl>dMmdh7M}hC+X1~82Q|tA|J~!_+;!WuWVJw=7{d6OU~VPX^C5H zsUnO71`&{dOn#teWT>jAw>7R5-CIPU(embKP-WHBi7U$BB@9hlb?R14x2Xj~IW{)j zBf0x6b&O8L$V5bALZ3b0Qhl5{+)ztoqSrOJ)t2F@sz%&zc^4UJGMd$vEgtv7)aRM* zx!-`k2Aj&j#GrS)#{*{DPfm9#(c)cw+N`mx?vSS;rO708nTB)o0b_J5f*IIj1sRr3 zRfB@TNp4@X9VZFwkGTYa_?ebl&jb?L)afS^Zh*!+UG~tZL4a1;@>>v6(PVv69S-fr zz)bm}Ys$53z(Q>QF1hE1^yC6JHxpZ5r-?Y?VU=su#*W$gs9#596JNCy1s6vpKb z)l5Q=uB$*t^vrf+q3n9CF5N~=irWF}gz zESlvg{|)xZE7^T0A8(c@W18eSs>vQv_bA6YzD84>=NMDO*dvC?7UD`MByW`@S5@XfU>W6MYwI27p>EoCAjljnKf69g5u*D;}>i`mINs z-`rTVKbmOKr%@a^MQT=Au>4dG7=-*O^e|IkuMA-$_V8a(VMQjKOIFDZn~g&G=}7BN#fS zlAacMQzgLTz8-1n=A-EMmoChGxW(0Y9niGP#5I}lVQm$GGYf<^d1f8Sb*}!!bBcak z?{lL>@Ux8aLoy8;F#V#J!`5tN z{TsA&R_lFi`Zw0ypk1?ca@7n z7kP6+1rqTT1!e^+r^Us23JIJ(BI8wKUUg_5zNAgj6Vnc6zpSv4ra6LN$IxL2<==Y! zK_^p~tYB4LGrA5^3(*tnEn6W6xL>pblPH~gr}!;JvK4UujN!%VLxj$A;-}pvJ%OYp zj)&L+FUYyF=sG)7*^S&^6gZWjEf&%AlVOugZ`A*6ST06m?^awIePCCN9xWJd(x^cv zMHfDM@^5*9XO!H@G|)QnxoOBY=NkETr9Hy^nZm;PaQS0(U1)<&mkrngS0X-mEM@5OOF`1ft%%G( zVoBw$R zoGvLzUeq+4JmVkAXV;Ke06OCJUXgMfsOpKIN)^yLTgd7Mj4)mAvvv!AM0qH)r8x#| zUwB1R3~aJF^ReO3%sTmR6X?&fh7TYyj0ZN@adaijO*`YKx8-dGy$oM)SY+YG7^l)M_H=s56|G}uNZYIVf^awA*LX*_ZXP;SA;1*N2E%k>Z*+$X+iIJpZ87Yphbu@lw$tFMlkjGHbUcoBA3NaFMZ0rXiIYMpUQqf-_Fl$GMh(F-imF{6?)eYQRyGEjqKY$ z*c3hi@OCl!zl2h#;1JGQt7?=bHfzsZ1WJ>iV>aXIfPfY4ktp}8pND^k0wiMoJ9QQ{ zh-)jfDV#};rb!1PVTI3z{MUy@bk)-`S}R(_VFypa4VR2N+PYg)&(6@3Bw=BgXu@!$ zO^GcoaFcCt3_;P$Mz4(_bVE=zRmbC1=`<(IKO1ivQUaztZ|BRA=SmlKOJdgG2l|AIjyBxk2@+Z}0X zQ9pn8%bwY1eagTfQ+ycfwXrAhEW;D4o59SwHCTWZ=-d>N;Jq1A8@pCBt7|6t{`ZBO{1{hj);kWd4JXXSL9Mdu1peQyrMv6^fL6b%JvjiD`eb zf_y3=>Cr+& zUnY+1geHJgoO(`yZ@0qyY|m;->?xr2fGjM~*BItS&1%(>iL+DrB3ngUK>K44rfs6o z4W@AZmES`&V69JE{BFx0=6XaYxnel8@iq-NPkx_LYXO14GE7*F7IP~oxA2Ut{Mljv zRNdlCAo+$wfsqoxH@xBP@94%*-Dnc8z6*Z(d*c=f;%^C;^*u<$AB$r!nrq+l zz(l91oX0Y+-y?4{H*9%~2b%^dZ|a+MLh*zE;J08>PlLLZDWmPq`R`T*&AZX=`iScd znwj%@Y|L}u>+AMWLOMV>w!gMp=+l`mB>b8*YQjV*we6UfHigLsbgn%u=34#rfCaFr zKYZXD{bgrlzcxRCodE5?Sf!$7DrvauT4cD@VW!hF~|KCJtMO^WKh4YlPI) z&g1b;Xtb{)8xTq{%voz1DTn-G;Egy_6^dFimHNyxJ{z-2xfiI#h*_<#puH>$sK}68 z1`6orPyjwYS$SxyMVw?0O3Z|9Py~!@%YN;S03D(}1iNwKAtIL8u*>z_=eq^!OgEO7 zkn zs9P#lXG@fQFRUKP5><36MM_ey8)wX=ee}jx zbT&hk-n0GjR_-YwaikA06+v?d&agZRtyH*6n!xzxW3xL6@L;z5dJ21Q?9__vW^ahs z^z1*q8o#T?>LYA9s12C7%}_Xggu;-tmaF|iF=^D6{?JEtJmqr$#mnC6!vRE#_x&QA zDyzLKeB56HW*DPv_9~qfMA~wZnT{4r$*I%0LgQryO(n0rLgpF1J-2{rWFmMT6Y#Q7 ztKqfpwqto3YSS!odWO0_BeIo;+nq~S zOUY#uyO^oN)wKzy_GUZvOVJ1B>fhu@50c6Ah5(sjAXujD8hL`tyvPYQCKIw{AY7Rh z^7Cs!{b;vO@J(4%JhjObW#TeXORaR;afunYecaCeg@<8}u=G`eIl3m_1jai|21TgS*PJVg%bthRI&8<${E@~XoGge#JTmG7oY%z?anJ|;Z z>z|hyFp(uZxJk2~^PEs>Ucz=eCZ`yRc7CC~-E*F&gV0lUq$=}@bKfJi+>3Ap^i#b2 z0?!_w(x=y$a-cgjP;82zJIO)>jG&IUlzx=7V)CpZEz}>vhJ9mN=FL_fsLlJ$f1FwH zrAZi^pR5?!nw_TzM^99T+fu*3>fl;L#8(UyW}_2%rWRR_vZs9(er&)MN)K(Oup=@W zhcZCM@R%pRYATbO{^aVH$CJGT6*;JniA(VHxIzcAv;pDe7}?Y^u2%}$phP11GjtXz zG(|#0=edZ)7Rw0gvQ{`;D54Xm=o{2ifKgR6$IN^iI+gIAK2;UCtQyI~Pov~eOKQ#= z5xZPFP%b}E52DW-i|F_$QZgB|z}FJmnV{E2jj6)+9h4i`L`W>hDeXONH)2WmCJHHy zHlD{fh^fZmJnKA#wi?-|Ba}mW(acQp2c$SjMh$~NM#gBgu_C1R3hGXBtDZ_Zvu40 z0Ii^mBOZU=)pRyzeu0R$SVVe6k6F6keuhS_ppXk~U>@-43m8|%^z1D!yEf_2#s5O zwdPiSq%K9!!Yk=HKppu<^}jj>x+D?F$o^=n6jJAI*yuo%tjodnpqC-ukP$lvJDWXB zS_14JXrA@rra0C_yw&i;jrk>Mqp(reuTmv4GEsEKF_X+NGoH-q@>bD?#E6Y)x$5+O zk>Ymd<~xneu7fR+MMdQ4Uwl#03ySj2a~20sQR~B(5fGxz5KYST0Yez7CgIgVaQWU{s*b|hmV? z6;lg}*E&2u$HK+8ldPr1^k27eajA)qe$O2^wjDv4k<*cc>; zHp;%Kp~lgX)w3)QS1U}73YcrMq9xzZ03S)~eXS;Gq;68tjyM=Htm9P++14 z7l3WI6lWVWsB}xLr)?avyt$SeFJOISmGUh^Rn~EK0g-xVWQi(})@cV0y;+fHd$mq9Z`M#r}|0{GGJLypJokc2MWA>?J zSezDPE(E@`nzG%Lc~?e)USZaO>_y^v3IpNiq#!OWa91}aJb+iH2ZSVY-hp z{xe}a`Ow@#_pg~)>&rbkRvQ}!7FIdyIJ96*&p{P`)^^6edFF;LewEu^FeNQq8X6i@ z@5b1I2{%m7x!;IM<$+{?WJI@+$u;fCkVofZ)ytWraAzY>V*H^mnG|V7PcaiPE%*f2|;qLnG zf|=RTHl2705|J37wx$Tkki@6oGEQ%3jiln447#x6ao#|qO1rxOW;$tA#`$O~;RYTmCZax;*ut7<*2RT3Nm?ozDyjN{wG+mnWGWwM!mnap zJC>+qjUyfkRWV&Mgd6twbd$mwlYT@8!C1U(_tBMARa3IE)p_C1QKcS_N&fXT)aA^M z)C$t_cBNGpvFgF$PX@`{9_%3cWBzxMd6vq77}(_{PsJ%}0JZc|?M@ryug`j zY_L>O^#5u^r_9nmscrK-!Vye?bCZKz}BX%J`ok$iK~4 zhj%VKZ&LDckQMkPI#>nn8@j$jS1eRMj}R@Y{OPd?6&w1oGm3&|^V>Rj%4qdi;6ILp zPgsh6+)555&FwGo@t3&4uGBQ(SV-;kVR3xNIC!blL7I9&kSYJXTiLp-6&SSgC644E zfI?k&9d5UdabEv+>P+}3fo}|g)|8hBQ zJRr7x%r{xH)uS|UCW3;3-a7c?DN+MF8>q~s%G7aRax1DJJ;B{&HoD|NIejY%eV(|y z=fPLD;^sdQjwJtde`J5GyHVc|UEXOpQ2j&ezI#NgVT`@Ky^V##66H)A)O*VP)_Kk@7iUj-x0)5NH!M?Su#9B{h8L3H=vTU667$CIs_^ zT+oa$wG$pPfGEz%Q)}Ke;~V^0Jg>t{gCMGH?DGA#i-EJMKe?IJ+2>=t!jki0N zfhJP>zEFw1ltXmPl$lUL+MS2+kIia&Mbb9Z+Fw~|+C5vNqfQLKNBZ9n7s#8F(Et^X zW`X7XpZh%rOV%J-3g1WhIIULfZygM=A{3VI`>TE9!!81IezUur6@fA@(6~JYG7E5# zGMB>=ps#q zu0Ec>-uerc5X;Oax}9Hri`hYpaUXy{n$mL}#WYmUFHN#n7qu#UC{ku|T=!DPhXHjj zKGymVFID`Pm(n8kR`$VW|G90CU>5U>n<%-c%lmBSmQ_0W;P?a;XJP(0_A1X?J9E9G z%-uL$AuT~k%0$gXQ-dpI4x-{D)36M0w+Xzp4a&@wet%Ep)q}I`m7KDxG93=pS(f3& z@G6nwp(+=0GHbQ@X-~Vd6J`R7vG0qYuugo1`^=gQYYN8dAYMjkqsNHg}p1S zMN56mP}UnJLF-4sL8=+QFAn5gTsli`;Psstha-|PSN<-kp=2V;$9`Yz>l;^?V;Qp` zQo1Cah<`%OAdh)I2uMg|B^JiGbhA3`lDYuCn6A0tiH2n7bz7bCosA1lW|GEbv7i}C zU-Q?;k$A%+opkx^K6IK<4C(RQ<0kdNv7L!Cr2`1?=-ZKvdzQcc)Y-3IeF$;DW0dj- zU5&!^eLTxR4(Zu$W$mx1}U96qYb0-hR zwUYQQU+HZomyQ?=E^X(V*=6!sK0VQ?!7Z!1N1oUzK|SI!yWPBz zsj+&uzYK0n-u;%(`+P01{Vc7>({^=CsHuoH`=OhVp`hOTMc6-iEb4 zjPrg;{FwQSw6-jN;XQmhOJ42|F&{Not>o z6e1@h(nk$!>#LCRtY~nz1$`C2h?+?}DJj@ls?AJVRo7NmkIg`{v^2oXUe+|Ewncnw zVq>Y7q9!YE{8^@$bzX_5?Qc1v7o0c2D6XVcy~L;o=eh}*T|rGpUU;;AH#QXb)$x*X z!HA}cHwsF^LTTw*m}d0-4oN7#dd1c_(t|miHrWmAxknf*{^zCr>hC%Q}*YA;B2mXmWTj!h?5*%_nWoC zaW#6qmc!KV(Lvt{FTsJfnP-gy7DylN{pLZM6b79J^SE^JZ@|nXBfwI>OV9vgvQ=C2 zCy)_rk^|w85NujlB)Ati0PRZSeB_YM^zPGTirTHkHd0-K0t1Sku^+qmS`i7>(VwAS zO#MvxDDar4XJY&~=WrKY@q1CIkOYkiyrL=DX-s=D?F#xOgRf^t*tiLv65FJLNU()( zx4i}|$reKxrUTDqya4G+JG#}Ly*P}vXpoj=#yWo|1W+vX0DXY;O0gbTE}Bm3^1S-q z4zjwYV*JIf@p%HJwWFkNSVV}_H(U59j1z9;BpbMaxLX=Nrv__(L)3(L>AO2#!yc-{ zHY*(;{gadgG@D%e-Kr{aQzP4MONrLfnO;OWR$3YnX4dij-pO`Z z1NS6WSzF~;Pjf{D1&h=yXMI(78{5>dAf(v2mV%0tS$H$ljMTG=f|@I4WYrXugB?^| zZSD9i(?cv3!eo0;X;!-TydA}Qy2cCshA3k890L5ElZ-hXBxn{;YkZ>&MuV=TG+~k- zx3G;W&O25=lMtBZe*UmV0hox8n_b{W;S|n9n0OZ&*K@->;orf`eXTa`VC|<%wB_hpJZC%H?UAl7c4cp}`q4 zv#GtP%WR(?b4+3aH{GYXb__BpftbRe=M*&&9fbstp9!bk9y6XWcP;)sQJ1$vE6%dI zhf!NVG`zk{Ql8g9I<(kFl}MLh;-+z=)iOY4Cc0vw{l^Kz@CJ=SxSeruI?@%jv$B4= zbVq0zE3ei4x@;WD&U&-!r6=GEGPxR;_kjVUkB)v{#VM5Q$`Vf&_dRC-<7INqtM3J; z%93UqgEV`K!{yc>OY!t+Q2;4};_dvk5!A(|I~Itn`2BJJ>D0+H6irP>yUXK+H9a5^ z^LT6T!t&>JIf$?5rP%4+aJnF@`308SW}W;5iZB(N0!w z_jEFhUfIkI_|O}w_K5v8YFO;Usee6M?4em!cB1*%JT2CxD*{1X_LnndF;+k&=h$Ge z+#@$(9)wF}cFL1QmRDZ*7~v4l!LckASokxu$#Hu+oxBFItI?G*B(0qTkbY|*-J@Wr7P_~4as&{$$Ay(CNIMRL(b2#+u+@;j{cscA77OP8o&Z|e z;N@_YRR+&C!xk|(%tn5c=HXv~#t^RY9Wpz>ATHTs16$eB;CCGQ6DZ_3Lm_X6usx!j zwDix#_R?K6-ORX>5B2KoB@`dw^oOjF>jDCf<+61(mRnhAY4{qqyTBbqWkqv4e+Gg- zv1fTExZkY{I|!NoP&9br1lyNq(bC>rEsO|dPQKOI+sHU`xXPJ>o|u`QsY@h2g;|g( zC?Ko0SwePgiDNDoVNO(3Q+XSk0kJB!#upm*3#`H z!&_0<)vQv<;<&0*7@?x%drM!gsf>ATpx*j|kgN^9^;TvS#XTXhdjy9>7iR3ZsfwZ9rt`>W5!MQikfglf7r;Z5M*Mw zY^vMV4UjfFT!RagXMb8JxStei$J10&TA4ASfj`r}-0c1!jHk>(N8jXXUY(!c8)>A_ z7~qRWuYNe}BH^mcAr-9KSf+3#=~$1sXh)1!#Y8OC5Yb4}>-+{iWj~&@UhkvTe)-FP zGJ>LdBVpDLH?T@L?2tVJ?0dhyL+OKV7& z3*N8)7cYK}2BV1iwgTKQ`k|VAJ6^i>^Dd*uZ@9v;rQ7E<=P1~*u)2_=eNAP~J(Rb5>A-*vIg ztWS|-71Fztd?7U;XvfC^46UuTJ)1KTB_yiYRRsmx=s913ha~(Q^}&INEo#L~l_aMu zQ0Bd@@g!1s6KTAWVtibI!4B z3mz5~3lh zgOhhjXs-%ScU0F_Hdc32mK6nSCLWdFjO(!aDP@g^cQXpLd&zh%q+#i6w)#L3E+~qkxwXSq6l>(<(jA@M zud_eA&)YiKFRbPdG<{qMc&?S&DEgcQ&1HavIZP8*^K{#C>Z~KAfB?_b8ZYVc)L^-H z7UptDBI#~ze?(&iY1!;~U(QZqvQ6z+C+p~gj(M{|(aYvWw zOg1@0X=RRS+}7dWYW!h4?fBC$=1jRO_x@qsP5;5V-)elv(n&<>5e*6&vu(^*!NlD& zv$`4u=xI#&4`S}UxR}{}r+8O>5h)uJx?G1=cV~ENS~b#3gs>Bu`&99%t4b4&M1`BedgAJa*bSel(W@b=7{fNp#nd+{=sMAl% zaxGD%rFD%y)LE)DA~D>S+eEjM$EcaS%aVlnogkp%`q5ETATo@y`4y$g6_jy}GfF8# z4wE628bBko7$CyH>0muy=GCtoGma}gH)&&^z;E(|wBK$vCbqqU)y2J8rUN~$xJpZH zsKe#~MSELNG02Abr45aF9xGJ? zFw_s8c@{{BM$yexb!nK{0c^{>DoAA*MsyO%(ciqJvrm4TAunlCi98&9a|>XZ$jh%B zX8!S*?cMfE3GGfqSnt{$o@1sds@!mXz`S(1No76JARgS454h!}_^R)@L?$Mu(r@(> z4*kGWPld^5$Eac`-9vL&kMI(U`TV>)ODzmcxKFY=tDE79G(0M5iq;n;IrF!R?Ky~2 zY$8QTm5xWV?EKI7NB5Y%tMZxsGeCeVF?tu`SJLA%K6|vapT|DU!N6`P)K~qu{n^^9 zt`H2lv|LUOIf9m_hqd$XSKE`dgrZ2BPp@Ll(UZhPUq{-7Hc|e;?e9>Vj-iv1GT~8S zVNxP8h~?-vaqljwNxTeWN97zd6~guzlEFV>^eFUmk_-IS%_XBo^gaL zdblMcoeIOfiST?=(&}if%9cTydSdUPN|~TW0CEG`wM$IfSSh@c!Np>!NJ&j?N`3)o zTUh~IYg@qh9+0l|*p-fi_)EFAL{h^wdWvBj6p>?qgsIqUx@^7DkM#pE9|^w*4ECRt z)+IMqHU^bih=9n@ZWnVOTj6M>rfFfRwk2eL3!pxOJUm=Hf!S)fH~1wX zElv07lbARo$ceM?WfhZOXfVTDNx0Owgel|s2j3B96~|0WP9n(Qg^iD`O2SZp_1@oBRr6GJ-CYjO-ZIEK-kAlZtJpk|90h5Hb^b1kqAL zGFCWQM;W>5XEk2^q6^asThp}EH*i_UhT@^|$#k^Dd8EL=SVCgSsfOs_=aoCHYsaA>-AG!;eD8g)bi16< zX&bE+(%A8MTB@>+o_Owwjp5I5*y%ea5szML=#K&db{#B#BVdwV&Ys*?E^jgD_1fIF z{UIU%IZ}NKh`ULi(-~YJDP)+pN9u*A_W~as%Rp5Bbd^1mSzZ}&7e{BE$8_v+T&+sI z(V>~)x-rw*$#}!>wK8U;AX=^2rt?_3C_SK=cEvb8*jIcU*jRwQGLzZ!I-Kmb>AWj$ zu7r{)j@tqsi^Kb%mEylieI!`2_s)+7K5^*k)c4?4vcv7gFK925c0FSK_ zmAbNzD4!3xXhq#wV@YLY+~7p|#Kgo}d>J6kr19Cp0wM{|Pn~#g z)UCl>kEc5jz>R5#h8?p!KU<0<3lbt>vULwd=7orFLo<`|1}6Z0Qs0HCeDY}0wN|;putm4P z_c3Ol_8u6m!e<@A(-r)rCoo6%K@-DnxOMz4u_9l}$Te4whsF}#y}kTH^~ zx%p^$+D5A29q*#5&$eczW=@-%TPm-$53mkyC(ml)q_+}E&Hq{IG3Qw)c2SZ__)b|( zFFQH$;|mQ~;Nja`Ck{}hJv`D9k|2i4V2A@HWp)o?;A}0}RXdM}4HL!hD%FK)1+PfP zyBNWJkALR?7J!-v-`%0wS8BN&d&B8ntaY>T@iXA)Z+xX9BbtOKR?Q!1@{`2K%sTt! zwAz!}+&qPgd#b!5|7Mrmm>wqpeX$^Xl!={h3&0qQuAl|oJh0=e&_BsT7~KE7wC=C} z>eBzIQd|93!sdTs;eY{g|2wVaE>gZ~L*#v{ei3C1iSzJ-xc;BN-R}<1TZYmEk39d~ zc{(+5cpsXyvna_qB@WshFFVgOnM2|cwh%8NIce1LG#dsGFHk~&gk3c%B4bR)cydgr@sZi4i$!ifcGVP)I32Vu(H8W5m5P-6 z5ABQ{lbzC|lqZ>4Zy~C3JCV<&@9%qXFIP;{L!q^Vnz25a0mCDudXS#I4qLy&v2%1* zu9)UOa)3BUVm*&*I@CYipuVzM1SSz8m6Oa5uh&f+xpMl*WCVjhhP)Ay< zgWWb9hJN+l#qItK@G`X^42}UijYn6eG>!eaL>Vx-f6J3}G*%$QpA%Du<;1;&Y=F7B z*=J{A;CytcIbrad7GwtVB_ei*Akp{C4muJebR^q$j~O`?&zd0%5z%3oF4?~Heu86Z zp($|GIFIsm`J0O|%1?DpYxWlSRA~%clk1VwH?ENuc*u-*Ii62=p>LeJ*6cZ(7HJMl zOJ?*b623Sm~|>B$%n`fvTL=uhN@+wq{n=E4dSK96qjkNZPhI3WnpEW zt2^vpz$f?82?uDZzJVFCBe+mH`*U&?@ilkuVq~sU0VZ8&b%Ef zt*64iCDECCM|VPqYGoK2ZWW5YAP%M)R{Vch2Zdb=tAc!CCRV2@Gk+x#x(H{E zKXday)`9sCE8@T=!jtJSe{N!d*{rzCZv0h*rMKySJs+ znK%6-!v^=^$_h0n6){j=kzQAV-7}Wa&*2l@yPxLgTfG68@B2?)3T1Fl_>mvy)?GX0 ztz;iP^S$r<=a1KBIon$I9|IYxwc*&$%kTOd~KZxDrb$MtDa#Wg2Ca7Lu2t8A_Jsw8qDK!((~W zJ6YjNUL<8qLJQ$C$6wD)3t4&kwW4EVxTKDi3SV}{yw#jnb#)cCXSLSZm{L7=4Y-`- z`$By%8^z!Z_Da3BOsT!c$gYXjH`(e%M}z1tae1-gV~0L#VQs8JSDh@cA_>gTvN+5u zsrh*A9udq@TuKnaqH!H3+Vw8Mam!9kot&JQVaN)`5+UWCpp|=kLr^RB;x~-Q73z}2 zLqrgXeKwOmi=xXp%L*dQ*?=u28{&;v)pN9$5%Pg^&xVEE)bfjYGq5Yl`&!TR6VX5N z^R_CWyga(;A<9PTm-0pPB=L~JGCA(%B?nz#*^f^0SwZltZ+Uh{#l(*%E?L97VGeeRZY*x4D!9eaU_m}mstlzf!0gj6KluCPV)>jrA%h9 zpt@^fVRVLncx-4!n14({u{m}(4H@)FC3~38l1?Pw#Q_C`@z30cLfYxsWg-j_zXRn zR=kD4$k_)yzlDi|a8;ob1(cOo^o%k-eRG#1OBxw0)n-C@Hou<3v`}ceevpHlo={Fa z3av}N6YkQf5+wcd#-bGaNPb!En=Q4JrNeD{b!8Xq)4JosnzjH*;?g_td5?RwTyyQI zgcd)$Cx9y$&BOi`=GWfXj^GHAxE5bZqi^5qE@D#`?MLHQ(({T(NRypK+=e{3#v`k4 zTv;PupcfC%2LVB)V;xlv@yNG1KtwVwNTA0H8v*ljn#1(!CCSLd?ZN#tn(4K=bo99HAy@W3o&DFP-!q}F+YYh z+Z8Yh2g8fPk1x5Gz!00#fM}(vy}nPaARQZ~V{NRf;|7eb(6vgE+ByLgoTDXW$4CFD zb><%=#Yj+B+)d7=>-oT)Yk-R)zOv&%Pfjf?`SR!W$KY|%9MA3)h9sWx@$o%ctGj5E ze9ccXCs=8{i;)sMMnBJiGkDmqwBntWvX;$ZMIe_t{kyOIgBir^M=53b!+t@9ozcm0 z+71KolwsAHu>UtP50VG?iUSRqh+4MAV}?IM+6y z!CnZ#U`UhqWwMfnf=ybJF&q*nY5U|$lZl|Vuxow4lOYo=8W z&msRTOr*)n#|8hlDaE9UPNTi0&8qBmUj30FQbkIzgRYRbWrJ}UMA`3R-)vtus_pst zp2m-RD^=gge`xr3G;cAuiV}y^Rc;1~E`Pe=LU;3FKYM6uh7`{ZwTlzxBQCt@4DAQ4 zLJ_@F*IGmn3K#TG-nKYL4UuTA zYJ)T&3pWZcA|6{@=Ex8o2Xx+Y zR)#InD=_VE>*%!qIy$0MdtY6N?hQ&SbpaTJ^U;SlR-nP?`Y$&XF1l~6rIu%XjLXGId}nE^cV&R+hC8lSIYjMv8RwNTP&)`&CAqA%E$f}Bp32DhnYvkLE*}F>tmZ#QqF9z zfr`o_NX@egjW=LQ2Ze>`D!IfiwP7bp-3_xhZLms7<;`@&*Y_O?ZCaE;^tKIhA%DbW ztOdXNrJ;+l#!<4a`FnMuaJYgLH#LQgx%oV+N1wxhV;d(*k<&fMi1Dw+uX59UmU^)G zGm6Rf6up~spQ0L12-ZnV!EG61MG9?ru9(^mVt{=$j&Kjj+lfX?kH&t;l4L#(pz`49 zI(p2K3W1Y}7034Xa_6YnWq?4*0NaI%)WIj%eUK3_?zSOIi3hUDDpBQo>&rCkzQ`a1*BkI!-b&o}*smnEdjY2Fo8p-}-2 z{AZ^@ojXyJ!Ra8KlF|wsEqc*gunI6mMg>06NygR%7fFBoGw<=1DIkVKESaAbCL z4^4}5OCHR|W=F%PjAhcKZ62K*Ec4@Zct}mye)xGd8J+mF`>=Gm#*PHV-JKm2#aUc= z+p3VtTqyT@R#QmzmyYLQh;>1!#F@P?M;AQa4#&A2n9WEX2g&llw^3@Qr6z+xlAD>P zhPBVV9hNOi`uTR>BW2I++7^K8@qh)5Yvxj;&5z=WnddqFm9rXMyVY1ljO6 z9l);adB{s}S;BY)M1HHA1kBE!U6;mf%E%*-`C^YKB-VdY-tSKTi9;O-fI9!U>6{sk z`g~SAFvgK{yX=fogSWP^KFhp!nZj$o%(}eSLnj+dw#Rcz0Q}kQ z!2@-zKikj6VPJ9hfcLls(n!f zxfNu?Y7&!@wPwA5u`xuL)J!c6&EBsa@zC8i177^~t+^c~gd70F%Qc(i(#AKyv_$ma zpoP*SmCvm>saj?K*eJCRl-VSv1W@RCXFbKq?YZuvgIH(Hn+Z`R7UBNAgx zpv`4+#o3DEe98Alj5rr!jrP={Cw)Vh|3zd5^ldzgBQoJbb*QN4dOkA-7!FBe=E&7* z{-v&K_rd;_iX=|X4xCq<(grE&ee-aaxi=>23GR|aFAakl{>PKk%+_?W0Enq_^_IXU}Av5ilo&-~aE*@q*qlN5qv-IKNS9X6N+Z6sCu4&hd7VOdS!d9=GZ zraW$@@HybC@gL`Avv7}$XkR|-w@eEBOEjt%&sUN;z7O(fSqk#c%LHV|*W67Od;D}OFaK5=_Gy}dRUYp5Ct2=Ze! zlkB^{8rvHWh1}XTMP0YIS#EhsvEoaH_X`{9*iN&%xU~ zwvz$mhA!L$wf|)81AXp4H(o~|?|(ps^jn&jP~GaWzzFhd9ciw7=re5%RZRP?e@r9Y z=|y*Z9A_VoeDZf20!l&b%*Gy(#QEQjMGjraC!|ojo(%w#(MSVxR8ah)KKCCP(Vn`g zFB`-CZz~y#BkzgPvN_M=6UX}1v8{_8VG}DXsQj5V$M&cp{kFDMe{J#@`X?Dgy=uHctJFfRVOG%rfDcIf4iYH1h#4dv z&-e|lgy@Xv7M0>N)ZXxy2mN!e zRXQ@<;3tf|88duylU4l|8mX~-y=?imOGiLb56XjuJ0z?3Ld5(KiJ3M~s`)nfDq!9G zC56`YhM{3Pgq;NX^MHg=$bIm22cHp)-s_$!FK98EM9WlzS&#JK_4VdHqd-(yYEC5&;zT@0Rn=blC_3wHVYfF1XXDZF}* zDfPAAP+hmcR~_azO}i*>>^a+x^swi86(wmv?dOn-)t#+DjX`%rNR@&T@Zy34K zyN|63Hmf~Xrfj`K#RR}L?igWLTavH0zpNAo9HSN)3`Ec~0YlhEi=mlsf^DRS73;lL z*DpyzxvwMD6og9GY-7CMvy71Ul-|!|7sk*Mxw7#-wn;Z1#M{_Tg9-KMTjh$3TW*;Phui|2ksC2;$hBq(?=_Zkj7j@MHGo%&1{r=(=M0iTI{KQBoX9n$` z>2kdEt22uiw}#tzS>oP5dI6+>tJ~LqqH9NvG}MO@sTtQ%XDgu>n)y6fh~uB`vk5c` z)cyYbyQ>P(%kh7jOThE~MU%So2!%^i&OY`$iKcxKJ&u248&zw`2b} z{^}>=`ALq|efCi`s=qOlV9KD=dec*;0t`gL<8sjNws7 z%oD9A_lY3XJ3Asw#g9{Mjr=%CaI`(YEGb23VZ#v=n_O$KdvAI+>Jsr;Pr31bfDywL z5R3%@sWc*MZPPFJ;XGJU6`VhPa{^C8EvLLHf6Rdqlhb}WoXPi0Vfgf3!HU&%>C5j7 zj5)d8Rm&l0@LAR()|39TK+wzVyY9HRWg9QhY`1K$N`+)Mw|3(;6C)7)>Ao8W#>4T+ z?@TyrcaUR0aBFK2hmZ=FRxXJq94>reE5`riuu{hdrB<2B37zKk{gMl3L$c^NZMrA- z<79aG_TXHr+h-w@OUVrAEY6RSYo+!$uI2-gy%F!{z~^&uTW=ezFGBbpdzrjh^^9p! z^ViyfBL)kuJwL+zh$kQIY}mapP4=L%=5JU z{^55Wy)&9P_Ud*#XRdE<=#$(r%6^@)%-7S->(ci?nB{0iJ(s-Aeo;hHB>Qaslvy-c z#xIFc+TgPM?3H5OLsg>C;?=`b_4f2Lbbg-d#0Hn19*MQ);zE=4Wbr7jNG^-lX6?|f zjD)AiMcX`aqwvFvgW^i>mL|i*!{aJ9P^m~RgEP?RT2Ao2?$wI^$0e|m9&!KmoB8t` zonWNk(@=ABJ+WVSjFbCGtbfb2HC0Cr4wraT8mo0rJcZnv-m_JzQeu^t!#e7Ygj@!@ z`RkmyC9~!3+)%-d92otO&?0rv0HJPM*_D>_?`^8Q|AjS~%WkYds z@sci325BjOZB5(v@5NULQk}gDc&c9x+g6BvQvy$+JeHqQ?n>df>ue=vJDz->w;&wf zIPvc`+xMPHehjV?{qi)|UYkDO;7#v)f_k={dMo0B_>b^@h64OoL;jL<1oCZA%ithd z#fn{T$C7`?bxji)Zv9AJ_+SGXrpn5dwIV$%cpbxvIiyDkVtx*cZe9;uyPldHdPKIH z2h6DkD0!K`zhsRyzoMch{oD4CM|8Rpv}70bwo0@t&FL)95-UlY@`BItPcIl6)=A*N zC7PNhN5U2Y9>lF zkv<-ey6#Wm{YUIO;N8Mja{Gp`uMN((+Kp}cOYrlS(EUcQ5mUY#S*}D2zJg4}c=+vG zob+bjxb#HjZ?5SX)bH=X2=xfN1~K0m-!7io)zzh&JIoIzGPJme8h%$%TvMXEA8?&R zxbZb+Ok2p;p^73Br?31;7+Py~3X4^0Fi;EguVXq<_x0uWkK>aQI9*EdO6YuE=uKru z$`iM+-n9E8I;fcZZPIQvvP`nViwGP%T>j%9->8w7a9=CmK6p$y8knW3)@>7yRzRmW}L zs%)?(_D>rc^5ZT zt61T>*=qAZTp#S-!Koxevh$nl-Y4eY&^&+O`L&rwPcO8U3;WD_4DDKu3(;mY_%p|6 znAGp$A%zKi09f@)xL%V*NH4(LDP(7D#yRmEjek@tio7pbtPfpoe{7B}>r`aYj*k?Q zzu^hKeg_I{>o$c;ZaJ;e*Aixv5fib#7|0zl|GR8yXB%wNW9Xyt`3w{}D2ZQCk@J~T}W>7G*!QK*tw-M~j zS!02>9O`>01En?!bdvD+cf}BKT&^c(%fUta`}-}aCtA-&fBS7y7ZX69q0-089CoNx z=}xlcV{+GR9&f4DrWQ6Peu=S~`Zijqx%MW84b7zuI_fwPG?sL-vP`AcHgwgT`Ovt2 zS-k8dI!?9G@u%qled!3|)*%rci7N6YP)drp7na$UDXB?mabJonO;W=~C^@?2Ds^2X ziz_XMTpH?ROV5Eiaz>izDV%SMqlKS9Vz}~G$EN$Xsx$-9VjG&BCyo#Uqbv5uR$?Cg zCdX%j4TqEl1;htfB1e)uRU*yqHiN=N{C`MOmLqCivNixt52`2|tBV!Eng>j$JePeW z%qQWqZLT{D2^5V?TK;xm2d;nqZ{IV=LoCG3&!NI7#yl*0pu}h}`*V1ZfnmkUyMT!+ zHY1#T)SeROsn#OHJ$=ig%*CNfscZH>q0|!f`C5m~_21pPRiAT!0h22I$7$*ue{uR9 z7H5%}2g0b?-iXFT`0g<#;TwL+Sez-hmwek8T@{s683(k7Xq{G7o=oR7Iwf|-iDKzO z585qEqcV^U8ntM73@la?8i2+DA3)ojb!kz*_2KzA7$$Cv#c*u%%onF3G9EwD=kDWm znsydvXVV-b2J5AA!jJ^lOf|TIvYE&t1)i;kdz~7_0q&Tzhmxcs4{JUTD%4)7j0tU* zYe|-7pTk1FAeN|$4m?aEudM;|H2$T0BuKZUe;GPhtpj7d8r3$H&4}`@>_==}l1mM( zqjR43HILUJ?Qt+v6W4ikbF{$s1BnfDP8iLNW+Okf-Qo*%s%>#T{6W>fZ?$0z2IWNQ zgqPhoBy6qm1n5D-ik?K)xg#O?SW})Lt6ZtBz;V>-TGj@~un0Lj4zBz0;<6~`Is5Y^ zoATk=4NffE7A2sYMYd}-W;T1@^4F&F0_ufso?=7)gpJ^#-L(-=k@bk-*Q9s57@)~^ zGKr485F0Kgjjh16FfDM4F!2L_$}gcgT@kKeb#{F53j$@r`N4$1pBZ=8K{`Uq5Otqp zX3}`$37V+V7K5H#LYfJJvNAB15KY=5DnkGoj1h8c{9jKfDk{r(_>daT_2KM7OKp!uU!}L1WBi~&rB&%$^&*H{qubx| z497LIM$-t@qujoxWwZ3ye&Zj{6vu&2AXQ2{wYJ4q2$~cUx#NV!*Uy#8c+p&b%-v>pyn30WwE6^t0eRm?VtpOM?p5;v%*WtEdrwL(X z&E=Zmyk zf`V!+7LlQ5Ms8@%%O_G8!s1NwNU=C1BuphZ;gk4lJHLzlxXk-`ON5SrMNt)z;f#Zs z8aGLAz0G2M0q~3JCbGqpV<%;vuIN3v6K8U@_GfQQ7iF$`4UhZiOqQw@nLXEOyV-WZ z<&^U1j&|Q_Nt|BifW@;eSpUVk+u!n#0kTXWA4Vz~8V-uz z?6{nRN2^1WkOF!$%Zka!*i=+h?221PBA@i~55FqXZzDpBO)9gJWmO%DC^BNfi4obl z>&FXGD(u3YFi2YvsN2ghVWIbDKK4k5g)!iN(U$IBi?$BGJFqY3UEAa*4rkQ;&b}JFq?) z-8gf$T(ZoI5!#)c@LDGY#|ol7etJm8ntw!>v%6^0tU;*y_J|0MN6e)p zbi-pgUVvCmSLpgp+{3~Qqw`VPh^reEQ2&XOWFI-aLK%qZWJEgowi z-n%0g6eO7TYc2RlB1g2eXZKAXJji@0`|K8V|0XsOoMrG?M+HC{rH!%?lub$91&E-% zi(hPR`CR9+^a?qWcUG5fI3&gl#5yy}HvgNdr>3Q)5}g^Na8rY+h-+$YhCSDh+FU#( zH$N5!-l+c^rSo6T3s%T$fd%${jX1<>2@LIA@#soA?WQ>CeD5CK*q9q2qs@Z}kKt&P zfAJ9}VM%2B8}=%?SV}0p&M0HGo*S|(*53@zGOeI%!Ylg&-%(Y%DXkzR&=!08NzYhU zQK9y?T0;55<%o)LZ`aaTozSeMnyo4eTJ~AU@xN=>hhk z`Cn1gKvqt&m3vEp{H_fV|Qa^nSo^~D6aT2jsP~v|6s)bH_$&s#l z`iX62$sQguG~I~gtU#eiIOntGu?25{${Yt5c96LR!DD_R8*t{9lsW2fZDl10kA@+t zjyI=xKvij;jf|p|R8;G!0cTmu=|U`BKhJho?|UKEcW7h$YJ3i45H|dC3-u8a5B1k- z1uz<6bbKOmtXwz^F*m^m05`%Qcg?C$)Ktq-PR}&d&s^BiAuu>O%}c98`r`%PVkwB) zbU%UnaJ|zKzcl)PBInioGumLrU znp%S$u`>F(UHU6(n^Q1R*<`<8S>J;iSKv%%FIkT#+D}noXJAm`-g((>7myc`+SpDK z+4Z23pnp!gYaK!3YztD3h>n4*;;ue(^qpwAUwvboUmOE`@@dqyDGv7H*Ifz;896)U zXXr{`qMvGa8SG*qWn`QaexdHC$R(xfo*+ZXg6X~PwTfuR!0v6w_)*uKV{SCq*cKfR z7M6SD6;zp#wAfXaSUp_w6BV0DKQ}Sjlek4wHz_z!58-Sw7jU&WM2P&Av}|Y`>fo*5 z8`s>p-Nstud299N4oX`4?}RxIKD$y|oEfUNy#|f~M1TRth4U(`SK3D87S>L>&hAnc zn&RT(s`yvi;S;;O{7ZJPcB_bfFIZrqyKpNaPi-w(SNV`|u_}Q0)@dhssGa zxi(Z?OuH(hGfqYg!2jY`7p@7@NZ+F~N#OGaFQiOteNNDKHXha1KTg)|>jtVQC=Q>= zCjD4pV)*H$8?N{2(`x&gnoj!>0M_U-76X0We~3zf*?D2w&pSWHbva$CwwrgpIb5j3 z?u%gId>}bocJd}_?z%kec_a8_6bcr5uLijAcMJJOjfB>xb=j-hE}f;pl3)sxdc}a( zq)~hCUCFyqZj!=bN#@S4PMlNVr9-)i56k5szC$8oI+w@&sh}(#-FdPx4=}Jm*#Ir9 zsdjtkViAiDV;#OJp@?Rm#kKvAu$AUm9$}jwIrH!lqn_+j?(wf7lYBwL+bHE-itaqV zCwOo3Ja0_z=g&?(k7{N%^I&%%Z6J%G(eg{(mrDi-a>f+w*AN(=`=w z%=LE==g9k4mm+9$Wb8S)B8nlQ@KQn3wO>DB^i;8{sfJni-9V80meY-DN%kg278zwy zM=58-{bp&$`XO4lFIw=6-5&PQN>jxqKPZ;!s^tjgO@h7}8B()jQi;REAnIGDyms8K z$r)DYV#e-n>XG{HY)Lnk(}VIgfEFY3mll3iWxkro8q5r!&IbSK{x~TOjvf?_oO?NA z;`gj98mjwAs!&%7)E1X0%AN9Pt4M5Jwetl?-6Ae+ayfx*IOxsw7wI!Iu0BV6usaNR zrn^WzGwo_Li{&rd*D^16$K~G_9m(}N%{SG%f|+5YZ=CsY3AQZd6Sh~RyE|{^`ctyz zi)&$p`aC~UTMHQl(-%3x_|c<((0B4REYy(7ZB znv-C?k3OROv@M$ANc`HXgfQHeIB+dvkz*^DUidirWOqK#xY=-v!Xy-hX55z=9@Q6fa^p8+Bt{h7lEXYYJB{0S;H z6b~~Pf;8UT8z)l?p6V-~$X>VTL9(Ju4@%=yQ<14&xItYkH&g<6XmsFtz06 z1ckTs83qhOn8r@uZ$pE9fD@s;skjBz$jeMc+g3bHO)dR4FhWm>NHdnq&s$Lf0R|yF z9K5_5&FpNMaeG-A*)2H_>LSt3OzftT;RLWjr=z$D4l?iWOb?>|Rew`l z-ky2&^rwk^UHHAfBe+!0%g0CfJTFC#uXx`Wew#D4VUBeDut}p%xnz*lOfG9^$dNGP z)%Bw>N3g4%n&-IxJp`3TTR9mThH~i`;^^Xx0LBWYh1MEE?u>RzVo^V@`tET*QB{Ya zn*nS5n;T*(vdZ!bbR1cz%kQ1;zMiE@HX2dG6eQtiz3tS@uw~#WUo5xC(uJS~uyXTL z4E-I-jEK@4Qh?4CcSyLK9T;~z%q|uqga6j?zO#$Jde7T&4Aj8YqbqKx!8gg1(bVan zkr9*a%dqK@YpH(eWZ+oK_V)IOxaJ96G&>lBpr%B{DnotdcxX`vx0X=jcdVK$HA zTv6VX?;C{6eiazH4b)IFRBB_>NRLqQGez-#^R$q(v(o?>YWdq}swn&b z`a^tCEGbsw8i`?VQ9ssn9i&31gkCaFTT=GVFi}To9YiAY}*=vn9qG2ZRCG+jNcniEu z9$II3$#P`Mp#34AE2`QcjH<#bT5|jtxI-N-;zV%WlRM8+ctBi6X z&rKAk{8G;D4q5im1=Cgu)|kvfO*UTsf(3Iv^FAlb4+szmK65QLaFRl>A8ceP!62Ut zx{ffPIA;tU7yxm=ygKU67Xx>1qc~9>sQCA*{fgUUx#_q*7Sm0(1Lf)fpX;RA#TL_@ zhYQ+*y`k(ano2OvdP`Q5X!P|meT%IT(BbZVbKU%gZZr;b33TAVT4Ex6J4@c=oP6?r zYy$aUXR8ClSJKTzpOJ}JjkjjXQrq{s4Nwt`B`A;ZZ!ZRC1&Deco!OuFzC91w&H4Ik zAgT?eX5Bo0`MwEU*|w=Hv^hSO{A-eP6K|jfn#+lwm4@_M(`Ix`h>B zTv2Cs(5hKiaVxK_c0qVlITT|V(+{C1{{jjhC*K*dKp_8`fe{i#Nkg?Z+P{8WU1NuW zYPj#3%!fXiw49>(a4!F)?d|Q&s?Nr2ISBKluSD9B-66DZJU#AnA?u=jtZ0yB8svQPy3sW`XpvN%ToJs-qP}B+JQBuX!S_$p%K~^@qtOyZ+4OiQc`#4 z>l}Xu7mdrjM*H~anOP<_QmmL%vG(-0*M|{XgZ^VsAPT6Nx;gT@x&axkwwi*9PFLHu z6lijG)daX(Hw0QYjvvKG$-~b*Y**)hm13Zw#Ifms;BI~hjWOh~n*^UC zyg~(3gIPyC2a2*}pRA`tjiqszw2O}`&3t1z|Kq3Gtvc48ZGRKQ``OQu5d0%oJFV*F zPViV8u|xE{BI|NhQlg)IV$d{F!y6R|>(E;KS?;HWwWX!QtHkbTifqaw>LW%wU`Qg* z%e*Tpb|H$yb4@mAZ2Is@FKj=iKyjROXKOHYaVJB#r&$vPG8MM7tbO>`Q z3w2kc#gq4H({)3%W1kIgq#5K{#K$jdToBdxJ7`1fYEegJQ0nf7xAgC-rR44?t`V_L z4B*95CUAlTjEuuml}Q*n?^R!Q3ghJWpVr>JjyNA=YIYPqPvVZ;lzkcf19QQ5z+`b^ zvDwIk!46AT)oczezG9xmV^Yd=4OxxNAqu0?>$cC^cqE3-jSUS@=eSh(02 z7>e56Y1Nb)4pfSW1 z*0s*5W_*zIo&HTNaq9|ueP?Yv56vBmLe#?zgt^ksz6 zlP&?9otLJqd-;k-fTDQ8HYbl27E?SJ;}7HY_4bl{P?!`UU|u!R#7?EcrD6aHQJUcr zk!e+TaR~JSHk)T*zcLk(q}L!F>Gk&m<#Y{Hyvq1*fiL-)1E`s3?PAjmO6<(K4U&w5 zMxI=RcYF^Z!hAfMagfG3R91A-(_x}!B1E2Pi+XGSU!bj7!Jbk*-0K#v&;)Q*5RSvH zLA7%Fk=@E5mHv9!|Cg|7^^xl^)mK?9|5z2>^Xwduvkhq+9B?L)(FO5^wEyk_p*y2N*d~y%TSAMRKS~DGInx*&G4+BU-4Y6 z6BLjm#V)tnPWc_5`(mJAQNHjxorh#XHLcQ={Ua$+*D@vi|Cd0#aL(d( zx?Uptb}=00lft{>vY{DOn@3X-VauR*^!b)NCx03bvuGy+HUdxjV#3bxPgTN?wG|^w05UQrDk>kFXz+KkAS!pw022m*`)wpa2PY>G6t1AO z14WvA8$9j+!$P~=Y$Jrv-}FP->2L5*P#CHeRS_L9{k%)PvXfKQzk*pD+I2iJu~!CY z!`T#lWODG1@%eV=>bQbSq@5k^B}t3uEHVcAN^%2bnUUt^3h}g(VG919&6wl+@>+wZHZnjfb&Z^CZX1-L!iq2bY9yVace^5FgE66CvT+|!3&O=1$T!J64Cy#Lpe z$wB2Dd0Kx+Np;Pgh(&LkM32@_BTi<5g zkMtIOM>G1N->ynQ0qJ^z0y7La(;!7*U-CWQEF%zJ0~wnGBo;@G|44xzMme*7@2UTtao~Uyt+uT6Bw4#HUV-uRY-s=X{mO)*EaD>;`_%H;=w}9s zLi5oWd+b>>Zz}A%IaM_-)|CdeAu9;OG<8?G8~yg&NH(ebZ4^SrJw@zM^9(iFsRkt5DAd$5kPI8K z2{P9yEm=)Z0Xi{SWr^$M5)4!GlA+aLiRyeao3c(Dn(JE{y1Xn7z#?c89W`@N^Ja4# z$4^SG)5MZi&;|TFb+7peQKrsjKeWc+t3UKHG2*K?;bws!n-B-4vOf6|poW3a!V8ts z)?R-dBX$=R)5~QRU1E`DyZQ3${H5tr9%^C~fx!E(KwCv;#bnt z*od>dnX;+QBa^79umFto#AlfOHQ+eOz3GJj?Zv*+f1m-#C$9f^37*cMod(*T5R;hu z3HKORehQ=<%BSgVwO%HL)F$eVdpzSKn=>5U39SmC!K|p5CsqbRwpKa*Q{cdb;LSq=DK9#kK{4!Zd0gV`OC;bPn3%HmSX!uF}N{?nC}ky02S z`h`PGBRi+ka(?s8aTx=H#qm*wW;FsHXr7~fUWGCtVZOc|1OnB|=nhgpD5@HQUk8`a zTN0+F5@@CJg6_WTo(4UyjI2Bd74ApIjflxuC@JZHjDbKeFE6$`Y=S-K&jL~1IB&CZ z>BEG-Gr@X8}S#!T5R{Z$kcbd+Z2<`&5K|5eYQ|7*d6MZg+% z*H_!2wS&J4UVgY9xb`C!^G&DkySjS%K)aC$!&J2ziTdb5x!KiR|Fs=Vj{p75JY%@p zEsGS40_{m^dCoM}DZ^QQ<3OFX*n4}3@rDw7B)RUk?nLp*7?PG7drwY>Ja|KWCj0RC z5H-5IK=(N@EQr`8EfX!H?g*BX9lISK8c!M{2oXnASGrxexB|IdP#E|}+sc}KMjL0@ zfH>M$E0TGfXK!sE{%*QN?Ba|J8w^?Q{K#}OBnv=!C#s{oK0137MAItKpDXp+0`B5h z^YI|+O$3wBi-XoZc}ljZLXrP93tWi*aqYTG(e81OAqKyrK6&Hz&wnMQo?E2<^XGXv zQX(Jwlag=A*XF}5d}1SSjKk?eCmbI&zV>=ULHug$-5V*$s7gTL9x)ou*-5$6317BA z(N}COZI$%Xi!*$zFCu7QXS<(rk%IVYj)(%o;}X8?@8D)9(^68BlZk<`o@5j*DV^EU zSc(0<_R-zTpac^Ar%`5S^Xw=6kp^B)cMN z03Pn>A{v$(Juz%thm3-A50d1A)>A`Bv(C8S;2v(9>*2ZYzxO`kb~qGM3i)vVeBNTq zN=;scb#rsqN=Yjv%6vGHL~cvN`?Zj2`+}Ngjg60ecw%W&$U-PAkZS+ulqB>&a)lY# zfAqga!2ya=%bald&!!84Qj+O27SK=2W%WFsHPIDM&n!mZuSJ~ zu|;^-qU{D4dK~?&*z=Ex34RCBFhqQM=y)PwwKz9nE65mHWV61`e0ahxVg^R*Me)Q* zGCI7O4*jlJ2{o8C%^oa`5{d?Ef|X^RISWl3#PpZQsd@5wF7Wh!%bwo<=I5Ck^S#dI zzXpun|21F~N_OCOeUkhyUGhGlID=^@L{S^=BqzgK_~3-&G5B<E`;q_ zjFGRmP9J3f91PKE<%AKQ?afzIpc<(LBvI-NCmN*;bX-kO`1~^k_7rcXh<67xqsAZ9 zDShAG1bu`C(x17=2ZrE(I^Tlh`G>>M;7++i*29za&o4oqZL8(&y|WUvF*yu2f|DE5 zh&yOTe@Cuy0X#JFFNS@KvnUO2)r{vTen>Aq9xk7V>z@Wc@f#Wr!HB~2T6g{GhJgxd zZN=5hZfb4ib8>N^pNnW=aB{J&asjvu3l0~+^e>Y%ybH)>0*2GHnUZuDnQe8aL4Nd7 z5D;dID~8$m@kR#rqbD1;E^&G>XlQ8hADWYBDZkb9G~zQd;$pOVyrtju_hCOnQ(|$* zdXUjzDwJUHMtM%Yjs=LMD);2bYh;xXt(#r~A&mZTCZ8K$peq$|xlLXf| z*s2I{Go$paxd6C=#&S%tmlhal_e69mPi{u`Opzr znZqTIE97fLEsG68VP}H48(3EV`Cy|{ zTUW!vDL-F>U}1JsLI$`P$^4Aa>JpVzy}($|eje*1#?1 zF)ArqW4^NZHw;>;Rg@yQO5Tx$ts4?2r*+0@utB6?>8vkNI0L7+q?lizz2G6+ZUDZ5 zSP(Im#7Wrwn3{{r&S+Nxuhg>GvXtIRv+3}0HobwD8&*)=&oK?>F0y3%(BtE|dU2c3 zcIf?78Z(BZ=-l0~R;)So7f_H~i8D)0O-X6dz3nKf8-eC@ zh;jnE?t}M?LEawW&32Q8k|a$EsLiBBj}y}OwJbwjZc&y`U;bA`vz{hEV!GHkh&Hlr z(Yfp338=8aRxyYo$!@^gpvpCV@j9atOjMm#L~oaFCM3 zet}QpxCkSbc`q95OiOjsErQz%&BwZ;b70kYA$SJP^x!ks4s%c&7*~QNM#cLTP+DZW`{?@@|Eyf zlK}ss5AGcY8B17?V3sGoRwp%)tMa@E;?ZUi5%`5`YKYiu8IV{#eM&i=Wxbx-*>@Bg z(6d_R&vpiFPWUHTj&|0BSZKB0We~k28V$h_hmnqQ#14bfWo&_JMwiFAjXo!z@kd)I zL{YfzVr_bFltg1L24Oolf@;=&II8U)vgOLQ4Vd!!owAOSIip!>JoP^$VYM10 z<@HtxpERl=QWYQ}g!mTDA*sYy5M9Fqc-!d+dL)}o6~n;8EKhr()2dzYTAwF7v0vldp912 z>6upT$71hqkxkx@BfVd2I_|p5lJ|r`FmsN*@_v#L< zHMgRN9328 z%9);<6w>`4xcN!4nqebG%IR5&$}8GVjBa-DVGg~gh-nU%?Sl%ZNHkfE7IL&@AeOmB z1ZIl~Jz^SI^7g{vkBCbX#YxNA>e>oEL)GPN39%5@DR|*XZj5<*i(oyOw^HZ|bSw%7Ec1sIf8jvxAD*odBp zW?Wig)s#m+B_1~-3w!H=1g^bn9J_we4W@2{U|4cDP_Q}%OOCdpLO^7c(vy z;Ob~AYR6|86cpZ*=hcv|&C~r+>E$~p(^5NY!NJA-Y4*me616`#o7|&6+xi?S1`Ma2 zIj&x*ee8*s_gEZC^pTqVI>D^f0ib0%zu#~&o!diZg72{^IAf>`l&+?{((i2&zF|I4 zt=3@%&oSA@>UnCX--Sqa+QJ)cL3O=8S#BD-SKHZnYZc1yS*JwcxF0UTV8;)pZ`Ob3 zdd;fHecM%z|m7$s-a`hy=A79%Gcqq&%(vUrm@LY9R zDnBYq3MY93_{r$F=z8;=I!7MzA84Npu47cSYI)=HSly=wo-9sgusRDd=g&INN8@}z zM<13S`jd9L))S}HOqmhgM;cbLJHy8sZJogmlK4cuOgJDwQ+)V|aS(d}{5@$aJR=I@wl*6bUaNFUZo%g!@oQ#Tmtt5iCR_W61Cbc6c`^Hkxc3$+r7x88d7o@kY$O}9+$ZLLE&yKndNp=~Os!~1KB zhn)F5yEpQvo|(;Z^CC@@XYxqSZu(}2@qPJ|Ly=r(&KYpSx$q;I#QjUP2M3uX17e*m z{a7ZOX}8}p!{X_UjHj_ONyqpe6apWTF8)z^+<9)BLzyu5bOcPVoItI`sLC6j{f$o3 z(=gX0W2S)Nz^jJ(`MTqHPtsTGQ!Oxfk*ChBzvi<8E@Lv6;XqwV>n)__{o^wwvVwS8 zV-_5PrKjrGoK)?Vnv-geSuVDJy7 z?V_HlhsHF&h*HyV0kUP%WQL$m_vtd*hwh()1_!q?o)B=lR3~xv5c9AYg70W}mf2nv zWqb2+^%-h!FxK_U8|D!!OKAm81^6!%byv+FJvb z?LRiM#K^M$FJyJC^9AIjwBw{ALk5f{4?_6hW z+CbfoyLAtx7nE+Oy)M0z&Wj0;e5rHr!i4Awe*7zhUsRu_yJr91;({s8ou{%3M_2QT zWiH$1`Buw-!Xj7SA!G9kbJ3_IU<7&2 z#;c?gsUQN6VR+1d?lk-UFxZ+i9FGA3nF1B^pC?|P{tCgr_pV50V+D%OxtvR$2<{6<#f*bd|)0t6V-eH22N_z zfjP^*`OW088BQ3OzqL}gf#WfR5XFC10`gK}(#07bGeO~n_lIg9h9nxIP|f~bi)^{1 zn;hYfMAC_nE^;+k|32sf(iemMWfE5EJ}2&O(<$!`U*wGMx2<7RX#XylQcNl@;x%K% z*bK_2!22WaZwjFX z0{H4*jeg)I3_fI~5Lr~^6`AJS>KpAT&_%}-kbnjv5$;3i4C2y20V4M?ajxoL*ke}; zlEBaqjg8d0(v}}{uAb317ap^NNY_!}CD<{o0>rIzs&|=kIB{$F2Of{@#hz!7oxfw_ z(Jqp|*zYL)K1BaCIct%>OAY>DXPAF`iwd%UaY}WZi7{(K2(eLBp&owU+ae#UWfiZf zEk8yJ6dFdC;SR<2sZ|`AarRq|3g;K^_nQ9pl5#@Cy?TJAr?2G*! zY-(x3*V5=1is?k7sT{qJ3}IMy$$T)6X{D(ddcxIjd%C zI#Snc;ays|Cy^!L_FFFV+1Les`Sk9bC8C-6cmKzknStS?ror%&fQ|vC!54-CGQ?CMfstGW&1{j*!i3)-;EG+fWJ7pj;;W z7J0nQU}za+?iRyIO%T+uA@J!_%yOSh>`c&4R0eBnDA+3XC$F46iIwd^SDuv=uq-B; zG4!XeEWF&*oC~X95~*7^GEvD!$Iy8}f>=2;^{?Q{DXSM!D~H zjcnocfgir$h0XW*-!dilWnG%5tiwZP>VFSfx&HxKNy-dpF7;K&Ix4EXQ1)LubThL| zGsVG99Bd{6cuZHx`yq@1%Fhf&Q;?C3C&R~gXxmzn1Xfl|@RwMwh;eN;5JxOKIBh_= z-IeppL@(8_;rgVT)%V0ZIW^y;mDsWl!7^WcLWIbo%$%XB5*~*qD}{;iSV^Yw=Nf}2 zOa82mNC&MIannNeGYTPPKm~=&>I4d$_JGe@;>QEipMima!{P+I z%=XL0q-R?tnD=&jR7c&VQI3iyn&3TG7I%@cS#*)1ps9UmQfhvP69!zr4i6~TgsByn zRhJNK5vMdZ#TQgT{yxdTIIi66^xUC@fdgx}p25Ez_J_o(JT6e$6F*7ItTLA%I*2H) z;O?=dP=dhCJN(bY?M8R2>ejq*;Pg3lsd(m61|5p?0-NJVFB98d;EK|YV}o+faE<)* zy&N4aBmEzaDLbV8nQx<*kW}EPXNX2CT+2KY#JT`HsZPuZEJz4yaTBLf@TV?DzH@SR z{MJ&nrTldVxUBiq9V5LZhIOh zOtWBzrK_-4KAj%vb@&#n)bT_nKg(0bG&t7PTrFwnpH^+C>U8Dc)f-LT(N@g6@8&(I zx6}?Z=kgr#{-Eu)B@w6Er=h+&EgzqGTKa>q-vmdC$CVwyb+w7o zfqR*=aAE0!(iyQ08RUm(KG!2Ap`^sdmNdqTKJuN5rIr?RyVW=z8WXw9-cu!(=;-XP zQPH(LTV1?v(yn1(@ON$1;tV%^oRLx0PN&(fjrG~tUa6hbW;r8wqo#K0+}Gq&d03?? z*C*acB^%S6tX~DX+V%b&Aa{+9uu26h!=0fdCTHet2Mn(-j9xdpROxN%u2|dV`tu#@F0@8k9@thDD4| zTv(ubjB}W9pdg}wjWYctEW^33qcsYMN_WqUJvFr?S?wBfu6Cj{AYWgXUu8(>DNxO) zrlh1cnX93yX`y6zF|8M?i(BZdWBpkXBM)w1muJG#6cq3zCkGrX;yf;=J;sa+gzcyo%^ z)^EoxPQ|_^*iUNbc&%pe-f~T&0z|;0!ZNuCuKnVTBmwc;i_DCuvx`mz@EYhi7VeSL zkJ6M*l_rH9%qM}E@7Zts#qTd9;2=NbYIOYqH*;-<$p$7vh4vefd9#$5NNK7zu7M;m zR1sy~roQ$sM_P-cRaDJQsCJ@zZzj-ooYUSOni4M^m2Y?05G3(Id7shHTW3lc^el1O z3@DakT!`QxfP zBmx|>z=h(_0qCH*s9Afx{nCEzb`*}zXbEcR=;)|cf+Gr3_j7kKRIvu=G@3@XP$zB$ z?$%3Mo*eT%>)ot-Gg>iJ5bG4V*O`puLn8+JOamq=RALt$gF<5n`E0C=t@I5{3(T1?6g6#g`W1kEW>Z*d`uFVE z%*af*?#tdlQ?glc8Gh4~R@#ZiQ{P(ZQmdhTsCL*S=M`om?+vGxX%%>$4)N14zdUU?}P}`Dl=klQ^is$BmHOWzFF7yJ|>Sp0NQ>V`XVu=4`I^K<~MeikD%l5~RN( zSYmiQDNBL6-v_K7jQcMG_%Bf<_r1>G-YYprG2wK+PvkXuFX`jvz6dTV4T&-mFmeRU z1eP>~F}|VkV>=3K$&rC`)xTa|KeMsEos5zLqVEIy$~R{OK}KR z+}(=1+Z&$yjdAafFF(Q=oMh*0Uu(^|=H9e~`3h){buh(&o|3(-XbdtN%RlnUtA+UG zFJG)@NdX4ZcUr#?88}YY`9zUa*aH*BKjL)0uNT3(^8lRRFww3jIZAne%=TdWl$+&iYKy*e`hTlF&U3- zyt#pmg%y867bg6qE#1&kclT#m#u@B;H-;cX_;db?F>##^z#8%v2jQ+KO?-3@)#HSi zLB;KmN#2U(12^mk-n;`4129utE2B}7ztj}mq(o+F>x0^%by=*e#{j`g1q zXWUHp`r}Q_CPShNu89?2v|DjKl;1~!!1n3_=&&%!{{gW`9>g+&Ac=C0Cjd( zNOk<%8l)*nK}wIFU8>5kdP{R=k`+x*RnZ&EXt3f>p(q0`C6bWKxjvLUdPe0Li_(ll z31)o`t%D>wHO+xf5yj`dW2PuFf43nkdEa1*V|A;&`g=J_u#n8~FUfqr%suH*2FbPA zHpjLXja7S>Yr%S_b0B_>bg7Oc6Te$=9v+*QXP@`~D(5%Mh`q2{?W7o%n9ssZ8xVN-k}L>A9sdU|Pl~ zQ%jb=#oU9pa9UOSmcmlh9~L;M1l0-?Pn;!T(WyH^&GysvH(|FWSvOBXDcQgFN?n#2DSZ@-D#L4n_;F%&BlEs(1 zn@yjga!T57gn>`-^&ZfCyLLFQGnn|Hrfu>;Vd?ux*PfiLg}X#7E=}fkDwuB4dHwV) zg@tVzkIx#!X3UiJ?}pU07WTvU{l(pwJ6R?xj|O7YGt_%#1R1iJg*N88F~fzNxZ2MA z%5Tz7C4i>Oe;T2m4}bO#QmhI|Sg>%}gC%(ty)PZS7|UNA84QefZ3zU>Wx;v>xX&$N z^?Xy?!U-xdPw;zmdaU)7#beCiayV9*{gB6Pv$#reGaolX%@*nI_Iw-~5k1I{gKM^M zeKO_Qp~4ehZC^(Ebu%U5kzki1L6V_w6{urDF<~}b)5ptvAi5cwm5@16*%FQi3uCTg z+!PpFgz2%J?^2+9knLPN!YOr1pR}#-DR=puAzB!?LKLT8-e%H%U1A`%1F=Q=yzx&oOmR>fvf8eeKlmT zI0ls#U|v-i`g^R8iHj}2x!tpV&|C!1jm$N&PulezgEr~)UbPE!MV*!oR~6rcIdM#4 z9*L0X#9i^5d7`4C zD6-rBQZBeO(fpQia%K5Wr3e0`9j#R==)O0g)uh!h;X+LR?~g_+0WGC5C(GWaxBEpU zQZIK`n)g1{IX8iuQT}^oA$%cd^S3EW8~4xS?vZ$Id9^f|anIf-Rsw#GH|r`Kh0;%c z+Cc`C-3P-ElNoB?VatFQ5VO80t-R9SkI&tl)1{% zQOWUsT%@lvHg#p_Je$k_H>4$H6spj9T@_*wPrKzXxDtl7Rj>AWAhlC5D&(LM$Q*EG z2>N7Y*sqokgjc0dbH4h3SlkA<|~9$g{Qr9SlgVH3YoA3nV_C!M6QyFE>s zg7!EI-67kHH`%;ymaFZ)$nqJUc_#zi$9fW{hRe!=5t=jcTx#@8O6_ZxxWm?J74$m*wYL7OMFn+}u zwe4O>Noq=J%=nsf6=vq+$jGInG10q>(t^f;MufYH0??st4SWZgp5GOeOxegL>(ha9 zhcGw1L<1o(lX%eV+ z#Zm7*Vt^pS3^d<#uNF@eIE zppkN!t2s79lUQZXi&(hb8%HkMVH$tanG`P0o;QX|{DUr=j#ub8y01w-F6 zx>ayJX7+lYm8EF!kMhIHJJu6*U=z$8edCjJjSD2iym@dx^qeLKGSM*rzkK1Qi>B+v zLO7ZUe=7*#-uRfNI4XusT5)?e%b|%*i39occrkq8HE3c5G93OjB z$dN_g9{RyWLUp^El=1r-HE)fQYotQ}Ba&jM#kz#1@=s zxRD_Djui^u0kN}00o6%Kj`ykuuWKhmY#uiBEtCqMv5!SyX zdL3bqRm};OTzm;`_!h@FSVcT;H)R62Dfevw?l*jOdP6S_#y?-4{#(x!MAFu5QB2an zF&p#vJeIF+nwvrCez%sD&b*?MarIF9G;?14i{`-l`}1?n#cK3w#f%gs7YxS# zficw%S6KPi`{8oXWoPvD#H>fp3%oKx5(ReC&E$KATkoaXUJEuW%aVgS4k#DhuT7=e zowSXjgpjHp-m$}lm2vD{2Ay`>X&JLs)7CuT`0eTA)6MT5`@>@%J*6eL?$o7H?<&_b zyqe^mpK|)+RKaT47EIdpmK7Tn2dS>-77@x8nNKFv3Or9=RBw-oUS3WS;R`qK-V36y zMj>{!sPI13A4?MjR4+KdPH1RhdeLglv-K6+3Y|9Jnz2cPqr$z5_B->65V*n(?~dF4 zq%_FcA6p@70M0%9A<>^3_~^9yIfB&Rv_)EEI_Z68(Mr!E4`okJZx40iH1@K8+B8Y_ z{MkvuT!#*8@^>-N%10pmVLiow*a_!PMm{S!4AUcuZ0>v#sRk>jk?AzcrlWQF)o3(2 z=qg9iO^+|M6bR5ZCMVpC{+-@yyYzLnyqRu?qw;8B#s$v5Pg^BlU6uMH zKOo3bKbdl6hXDO6DI06gX1r+aEOW-U`hL$OZTZ^8`I|}($ZvMsesUXFO;CO#80^DG zmlc7hMN5`xfCg&K`bo^mp#8<@ZxMEMHhTp&qu0EpX+Qh{8)~shhh?Jxn<_jJeWw!p z{RTNgYT&Gg3tSb&0y^k1vR5?DUbJR0}pe55c?n=Y)$nK_QBRgx^8l%I#n=5>=* z5|IcY{p&K}$Ew(8Meq7@yc;DsmfhjF-u0Xae=o-t=`Z{A8e2a_|IgRM1~w_l`U~M@ zUXi!^xEA}JEJ@^mlI(~hBLxBkfA~dRuD3cgkG7vCky6P8V391n=IktWPSf-nkMALkD-N_BzJNd{yakY%~|~uM3Tb;m4wKp+T7iHUwd>im<}=buLh5BqB77Mz2y$wlI#w z+b(|Wfs(0~@YF8UMQIK!ll z{twy!7oe={>)rkL_<|`u9q47EocvyfdP^c-yMyiB`Ok3vv$niHtz3b&s&b#X7AJ^- zlFxn^sOF2VXP^4X^9^{(X_n54P>o_{+DU=512@0RYc#*LG{5x@%`IgC@M)U_zigev zk%H?6G8IuJY^1xm`f77e0y2&41XdBJL0Aec`x;eD8-c$j=8w-s;EUr4y?_aM`XVz(b$K`G~i>~KKDqs;DC~1G;VxFHU_!&N_7HEm* z=Sm%T=?0|XTAacG_QLm5U5myVm?K^M-9`2nMS=jyMhTxAqlC0VeQ0W{dn0Z!fAUd0 zC5Bza{P~r+3`i~iq+q{s?*94fOoq$%**}0lg_H&_+Os|U;jB3{;rqyEoB3xV#GYU? z#3jO8G}edM6+Tj_A^2@4&upT;^>MvWTTZdyRDV|?&OI8;U|I+Qlr*#dft~ZYck6&b zB=)TvkHKW+Z&=NqzrNxbFE2u=8#WCFR&8DPYN&V&n!nO#Yc{!7ulD);3iC|7O#Dnk z6og_0-E`v98KuGQk27@_Cl-roZbe!uIb|o@AHQ~(uC#U((-CVu+w2Bo#BU?l5&~(Z zB(qW<<*+5)B=708KOO)An%!j@lynA2XMzg$R^9acMn;C7)=9;KUFq>m0RCqiy*1|F zo=Jt9KM-+xuO9K!(lNQ+p$R7m^Z-mdL``x)H$Rx`R1g2U?woy%@F(Tu3;Y&U0zrhX ze$|-@N=k=_#y+d3DvHDQx-}D_*Z7rcaRy$2#`7VoADFaB-0(KDzdajSZ()B$_n4&& zn{|(KCE%Vh4bF^Yf^b>|jZH8j^W$C%Wsy^L8rPJfUqth!f$POr&732*!H$vV=@TkZ zSwi9FRVgwT2n;8FcMgWtc5+23Z`b$dVI5hv-Qvk{ROHH?etuK~I_Ni0&*`*bPBO!( z!f7~QCV=(vteG_P<()M#QDX8D$B{+B#{UxzKAbaj{2JP9D9Hp>6Kz62iyP$VVrO?=o zG58Gk3GD?1&a6(Et6->hh%qD}In9s0rvQRP*eV!X91i0+Q9-RlYSts<{gAq1I@v+&t7drS-Qs(d-EV1^Iyc$v z{hT4T?!$g|r@pWjT6?Ok5u!D-2=Y!N*h^1Ow@Gi>nXMZi$!q^C<#}}Z)w^C^vz05a zTFqfI4I#Oup+ZY*F^!t<;D@yB^17F`CwFelH}5>P_@^{ z-A$ceTg>j2|A}+E+HN8yft{K%v@InjlH0glZ2nd2;)bl7+;(L1JZ*mQgU<6A(<=}6 z1G)O$=t2w$merhe5V_N&fm7s3Qz1Bp+lan!OkOV4wYAnN`}f*h6^XgoZw4iQ=)d5V zZ4b2KP3+!9^!3`j+S+0A|9H4W&ejtX6V_?)M11s&jNrzKZK5Y^SexD{7>#MGzI2b> zPDSi8C5StGW`q=>5eOe}l_5Puo%-3;%fX)eO>2=aqRd;W-mT8B*?~LZgC5>?%NFPM zl?Z-^$7aY+zX%52`Bs{ZwClrTO)I z37sZI#w&YgnN}l~;(fg{y?D)egAS>TrZFkaUPy`x*KyEQRn}!QyHc~k6L_1utsl%G z$+V)Rs+!Sw?)X71(pe@7a;R5aP*8dG9r%=;IRrb{2w13m57L79-is+i4;&NcD4sbz z=sW2RhtjXKhadHIu&{(H4|CQ^N3qdHtoWs0`G|rnv*kE1q|0SFzy?!{gj%rIaM!Ky z7B5D{25b3vwaLid$jE9NCp}m&c}sn#eHduv_nl65*?TQT7$pv$7PHu`!f}`e%AyQS zNRaJ#sCd8y9A+gfRg97HJLpigYd6|lgC5Af*Fv3cE6Eh{PFaeUD;#vadYbt=tp|g? z_TW0v&3yz4q9DNN{cqN?r(W5S63iIYv-}qWyx9wRC0V+K59f@KXBcbPn^dooVXF%sq)-$6S+DAg%>F}hnO%cFZ_!<^AyhMfi2XqhZ0cr z{s3}jQIEOGoE(Uv&Y;}hOSi2#n>Jnq+a#^zVD>swDWUUTznu%Or92EP)iNV$>!F>+ zgR~$2($I&pmT}5y$lL96(?j{3jw|g-*pJ7ng%dFFFh|IaPAV3`2eO9}QS}ZyHqw|$ zIu6_(zf*uEj=rtm_vAdoKd|r%+7A#HFZpw-i2U#Kz(RtT``-cC16_Gtff=T<99L^) zrH^0m`+qPvb9G*YY(O)U^YeUeAO?`*X=}KoSL&S?y4b3{66neVw|MR`naphzlaY_m zLQ_w-{@b`9-Tr-6-7dT6pmO9F9jk|Pu#vLu(b>)!{EqHGg<+FE>Fm|4ps#UW-f)aO zaR`O-cz(q^)KS`g%L;n+GI4YQR0&Bw4 zT-baEIfj2_93EyEfgN%Hk9At9iF3S1I9|Pp7GmzHW7Ln{%eDiF#?j2iKZ51-z$Z@? zHSu~=^@MmKQr3~SE1Y-T24P*_w{Uuh4p7H`LX~aXB|Jaoo~PlW`|XL7R5-tHxzto= z(H}j+_btz+ieyPM^C@&juhr41Kickrz4g?DUUU>ldpuVqI>ZOR`bhJC`uD+i>&ev^ zNzb6hdyGhe_Obte@8KXoA*jsD&+SECcj-H)ccK6HmdxJ||69XXW91`|B5Gcx#1`abyk`+It-s!r8fO?Gv6S6%sA z1=Z{-@Wn1h^Hc_W|dEZQS}62Cbvd5Zn1( zS4Zcp22Ri1|4P3$VBiq&y0qM%DlsxL3JVLHgmLhE?pUKFHqSg>phC0>XIa0E-c~(7 z9A9O6weBiMeCGd3asC1J&~H3yURhG=zG})+YJnPR8?$w))E?7C64F8Cl7z?r5mF!v z+*<*_-{lr}jWW$D=WVELG83#Naut6a-D@Dpz@3zMb#HYL%BpwlPMr1|z_}aSdcGFi zI*p7ha|)ow0BM>QOzx4#Nl_>0H92o@4JK%Udf*CM-A6mP{%g23z$>z2g90L85I{kI zLkU*a(TPBW7O{tQ!kI}+zrQv(H+wD7a`m-$8R4lUo)260q}{Qp6Qm23tDOJuU6>)u zl{;=pK8~M8g7x|(1HdaI${R_>bA;;d)9Zg~yKoa@4KdT&4^f%TUv99l)`1k33O|7`?E7>YEV&YGa z-T4bLS~;COX$84o+F_NPfq93;|7ybk;m!ajL)l z;!L)tFK6Q4h|c8N#zOhm02YHAVYo4X$%nT=W)vL?H4(>N=TRSQ6peW zc0AUWJ`YUkh}uR%Rbq$f9J4a-0Z3=qyGz$0o+5a3QOaf&O$;Hzs&C({)xbDj3-EX+ z|8)CCZQw8ra+A4k?#+Y^(VKSJuzsB)$~uls&Fy!dS5xQlg`*8Qup`U7cdJB5Yz1q} zQ^uc#9VTp!2o#^~k54Ecqf_~z;6?9c+$H?;t_yk_05{Ecd1rHb7Ii_eea9yGqAO?< z@msr{5j#U)Gvf2`!`pMaNQP-p$Y+p&`!6EVqDXc6@}dMHU?#XV$f-x_-$6HDYjFEU zk=SX)kRMy;T@*tigRvT=2{xddH>k;!Q1FO^A|0h7b4R@HLnkDj7hE+RI1n|v&2Pe> zN5jxNW0_H&?m?#N$pYKF$Kc?oZch?4vm8>Yw1&yKoQ(5A;GA&cAG#Xy`$fOM4YROpYLl~RP4 zlu0LO@|N`Q()oC$DsQ#&M5-CH%4hn!@u`ociVvSonXQa#Px{bXz zW8GXtVPCT+LecFtn?u373{>bKgn5^-)eYSy+Tl+Biiz(AkM%KngH6R$bX_jRb1K;` zXLP%{VT~cb*GBr_w!O#|^8$5RQZzD8IbgFj`#plpX*SJ{y}>B|wuC*$;Dr%wnel4P z77<|;*Qk+hRTs42IQjR_&`QAK`G;dR>S5z74a~W8XHF&)J?GBra920Q(C1N(?;BQn zMKPHp%_g5KSeMF5UOwe~Ih%*D!oZ&nx7bmw*RudQ>+F7soE#+Zf2 zv2+$<^@lIaecLT|Xpf`c2ukGeeoJwA9(}aCw+&EbsRIl36 zUl?T>`hyytnF@Wly)G)7rs>sfeM8~uGthpTu_Sch*^lA)Gv(I0-LAV)ybC3jaw5*c zkP_t`4nObkoF9fiF#9OHjd`pm$X_z`e))^NV+H$Ew99?gA3>pi1^v1;2C)P2<`R`j z!=`22)TgqsPD7e5{=2uRikDQdjD}uT5N7{Z&$wMIhRZ8shxyUEI2ywY%7ru@J35mS zyUvR*B?P#s21O9QVXn%x1Kol#gI-wF2e%iq!B=o~L0p&WBl4Uxn%wFA!ove06r*r% z8<%f00P6uj>c*KsABi>_mh$SaU%(hs&ld=~g=%FwrX;4=>*aQlPZC=a(=PX?gOAFp zpB_`%ZIe@gn`O5NB}qRZRMr#tw*3<+bN_(8lZfPh)M|=i*10$4F4!Kz2OVI9=gm12SU8!xrYXr78!0qLZ{-se{!y4vd5(J_5H|W zvItJ%*$r(a+9p+%0^z}lF<*~0bXc;zTEu-P&jbsTPVRcMWY5{%&X_^4M@41RyDtZr z>@OZywfj~<^kr9@*7LgA zrCD;2z_W;gti)jG4sZ)e&7O@fJ@bqLsmO=4hLlTv7-b#hg`z5f7{mO?e2y8X z_{YCE)%^<2bJd4IBcC3Fsy05e=Oe&Y$9J&RaV+5+ouQbX%Um)(1^gx3PFc!6H!(vk z-Bar~`#)Nf1Fbyjm@XyVQK!-VnS##!$U5&ZALym55nRu( z`lIzNs2F=r*-^GO{j8Gwsad{Wq1Au(yC0PqHe)A}JK|3FW%g5WGiva8b`>};0llr! z*}9bq0fmXb+K>+*!9FjB*A;Cd3S%Xb4KWa|cXL;2_&YOtL z*>Fxyr|LZRn|*YcrE#Ba)BMd*W%X}p>C7E$KY)g2-qZfpG_mN;=;qh6%SxkOos-Vc ziUvrOZrE%0){pkgm=a1v278M|IVtXdN9H_89$Gg-kqIPEg<=e{5>Q+c$!~J$URI>< zm+Z)?!)NN>fyfjHhA>_osQ>AjlZ19fD+1Pxq>-V7c!Dr0v!K)r3|X z+tY~}ITGE)r0J;QT86-wz@1Q#FB1bFsb*g@5$u^fl&Ssh9w+S(p;Yu$Qgmmn1DZED ztKzXU4ToU;F+H}JBVE}t3D&;o%|ZQ#it<31`4Tf~l|P}?w8l!Gx$2A4eE8fcP$ zYhvs;oubSzgoSezgvEvaYRbKZnR2M)-Po6@7g`qfj-weS*-ez+z@oIY8DC}pwJrja_uxbWo!2?hTzC{>tMxOq`rg@*qoM-9xQk4^XxN=&jRbiE5S%H>or}-~P0& zI#aq|z}6&t>Ei8E`dTK2X8}!N4{%k>uQK6~xBVW-X-&GjU^kk|#($%#Wk+l>^FiSH zLBmiwyH0yWFa+HC!!zQYPAcc+9;&#mD&F^)b`Sg&{ERfH{uP(WE{~Bjn%^7YeTck) zTjcM$vK@wuu?Yq8aHaNh{yrA(xV`a^RF7Ud>9hd?fdKpr=Ej_!#*MJ#0-ec^L1w}3 zs&Pny1usqcO=xDym4CT{mxM}|o=|KfJ~*S&U}~)x4=;2HxMa4uV!A?ETT#Burt!FN zNU9|~tO>XrF|`};YUA{-R7bjQ5ISnbW^i)QDzXLPS})hc#hHAh(jK2N9{E5`E2 z#C0V#Jcqtp8@Pk;=0<&n>gK_ewnX1!Jntd6{Z)E#v^f&zUi*?t1i{3$1@yjk4eK(P z|L7AR^B(j8DIdnssIHEeDMSfAU3&M(C*?wpa9siC9lB%m$xJmDobabl2_%OeN0F~C zbuJrLN*~8AC@DkbHT|WO%2Ql3x2!@;Sxhxjx-ovqmKJ-=nN=pW;Eg{weK{}|6i-r2 zHRuPI{Kiwkj)$;D8|Pl+-?^@#1G5a1D3yq`KKhE0mQdmr&cH8KAmeC)>L9?+B-oRc zftsbNfhi8dmI*A?$)vB_^@nRKrD|B5=yq^UJiNfO2@53^+00cu{t-pmD4^ii?+F{q z5&1aP$-?Qvc$p2o0$pkS5LG`mO^*07<42Ok&q+ymaSeHh(z+kr1jRjFCz?@8evGX) zfXrfbp_W5jxSIB$O|7gGr;<|l;FXRJKF4oY6dwNu@U z7(IO+zie@|TgKl0rvm30$ktr#aQ~~nH64lw&CARC_3PKbz(8eXWo&Hh>8YbFn}9%8 zzxP#)9G`}k9yTTkHUZZD5#VEb>}S8iBceCiVW)fgefHJ8TliF%rAJnpwTJ+=f1PSO zMWT@W?Y&Kdg5dA!h*Kv3}wShOOG*2 z_Ddf$D!!Uk!~F&(eC~xVI$(6pbHz#)Aqqx2ziIc`3<+o|L;!q*<$c1;A;Il7I4V56 znwpxyD6T)oNf3yGIO2HQMMp%ZAr3x%0#UhA3A-d$Ltvope$!ALXZ;|EJVr=^Mq%;q zJBPPz)$I&7_scr=`eFe6*YbY6#JVFxmzI`bt?Rs5URqiT2M>=3*Sh>b53}CZ-|CZ+ zlKREbMv+Jh@+s-r;Ra9Ug*|)6vWAO11(u5a4pPz4TRk0>4E;u3Q}&_7%FglT{QCN$ zPhB~w{8}QmIuhqovYM{?8erdU-&V$C8poVEliRz!HlFyn0GDZuEo>*Q2WY#wT0?=O|8q+FajNbjg`E-ou&|Jtn10P4mqtRmzU?K;%v?K8Se|15&>_Kvu1ytVhg+n zv4T3nvYtfD80KZ^ja)6aheQXfcDB(rT19nrwRBBQP%_Sp%cl*4zMku&Yz{l>CX7U+ z+ZKt?CPzy%-e%r0{$H3n+5=-n_O0o4lZ}oYM(dHt!2zz>kD9s+{H1BUN`)RBTH~uX z&g@tnn#c%tBU_^l;lIw_Y!~3+5eo8`dX3?^@sxnP+poUk6so#B4jJ;p7M(Y1^jFbB zVd8`T{#iQb#|eEtJv*zatn_H3K*y`!*xVe9q7FQ7v6$6tus0l}la-T^si49lj?$)& z4+X}(!QHG2GLHKpLW887#M$~yMust#Mmz3fqT@c8HQ`(b-7_+LztV&?ViE$A{T|Bx z#*7OShn3#z*}F@{D-Io7*a4~jm~{>NXEm2qE8gmSGPL$%471#WS2eACm{gen<9V zZMUD(z0RA*j#dgqJRF=>EMOJ;-u5;wDXG4u=D)2iP z&temM)tNyKCiT_oH2G}8m(89Tsqt{Wf4r9t0!7o?WmSG}QzuSR>j`7RP`6W8SJ!X9 zu~!WKEpK--{FdTH*Za{5F+0)P*ORK=VtR>jw!G4?Cq{|Sx*-Uo*_JvvgI79!b{fp#GJvEclf@$Ri{gN|#-3aOt! zn%C{zY?Nu7A0jH6wf2;>4AXCO0cia6?hKvfZl)WZhVn>ik%5+&SoK!V{`7q?)Ve7= z`YI8ahO1RC-nLe2GPp#f<*vg?wdT~YzeDgbp!!R-ZMzwVc*r?n>mny2^wZst8p;S% z{I_P#reduYmBM%dgLsIuO)7G&3yA$9QS|~Hv8wVn-j1GEH__N-Aj*PLx6I+Op!?`* zsZQ-!4l8zIZ)oD!1W-|VjF%`nSjWoIa-Q`koZ0kJHw-^{uBU9lFO;F1M<%x3>LwHL zS8CVgaDd?ZeZ@jLDOEZ~I`W~q%DAeyy1I=Gu3J<)mv23FEWg+;JJ6;O-c(>M<%vgAJ?gt=Po_eLu<_EO9hbX)u6|9AOEGZ`L9_By)xb z2gAaw()iK*C!QYfF4oozX~%V%s;ehPN74Bt+VMq;Cw~UQ0#MY-(S4oo{UM4=bvCou z>B(5^7pKF83LC$bON2C>`dD0v(j_%+tW0zA!d<{EH~Ka|^F$`$!;_fl^GN}^Z3;2; zi8FTsDZH+t>hK508|ySjI%=-X8M?)e;VBdqOII;xCLby@gVAMQR`ykb^-QL-N+`ze zSQHl`&}cZ$Izi%ac=$FQTblrz@ z_4~SvDfDU1(Pk{#3VHDDowYfTMXV-V>3UR%voN6Q+P<9#H!&|S|Ax(eD@;XHrf-EQ z&q$cB#5f?$r`9r1(?grhE?j1uX?Y``$+e07FqDdgWo&sT5@Hq%8lGZ69m^?e)DYuG zP5xUT!co4IU?kR79NV_;mPMmNylLPygA0kk0ZpGw0huMuKJ63gET1aXSp}=HRcuLO zokc+tacMM|{WOWk#0%j@o749cF49VA&6=60yqK+KuTT!FbcW3UoM1=UGBvl~8#%1V z;75|tb6Gr6&y0L^O1x?1zUaXF?HWhk*=R*1&Av9xqpRFs@b%V2YJ zbLAJGv^DjfD~0GWp1f!NFJHdUhKiu6kc^*^xT{VNxK#A*ycjK z8_+)$JD18~U=X)CuA(C%250KbFtA5#4xML}^E-CDfoyGV1@WDz=|U=1_8_$BN0kcM zNc#)=G8eSmxX3*7)QRW_;^!7XmBB z0XlaGe!MogmzWnCLW-8JJjK*=1Jm@ar5P&2hur*@Tdy@rB*5Q^Z zC4b^uU5XMYxQECtvzOX%{&9_suRQ-c` zO5b)Ut{R)9IAaM)%uzN0`z$j&7N1yVcKjuUaD&)bM)Zysj0OIfv+DH+_7fT(R_JjI z=$NRVwW^1xPcgffi3judKJe`KZe8&=FgIh4f@#b7jO3O`-rGQA+OZ3H6z}hnD{eaT zYcj=;$!YF70E!ZR%jo4$nJ~rP+CSyfQLl6S&&xC)T;VrrRCIJE=Kf+jKfqk4-Q_bL zD07wPO#U;WaKX}}O$1HFS1 zCWlptoaP)Vz7F54X$j@#)IM#I)%oPWU>;iZuy*4h4Lf_+<+o(g4t{CO{L7qj6G_12 zW$&ni=|9~ru|lme^XIBRpEt~cAz>5MZAR}go$w_2+zG9M^sJz5xO{GFG3`-Y6>Zi) zn*mmqs&@*5EW90u8AbSa)Qo@kE;*a4upa{hnRQ#zvau*^f3JP9ZW{Kg|1pvf7UYAM zbXoZs4+jftsqf9V2}$*)nkzcdnv~pmG|6mJI^^~BGV)xXxk8*oF*i$@t1=s&J~d_4 z9`*J(zb`-Vk_Oq)i>AX(J4rpE(H@M{9ANAFtJYiCsM7NhyfWt1r=o{R%Xl(%7wF<_ zDe*r@8wue}(l@WLB}kUoDPmZds!u2o;xwv-eC)Xo1XJX%F7a7n*`8F!<`;TPw&u? zqczYsma%hv+l5W!gU|Rpv#moGb+;D0f+=pcohj48NO7Q8J36h&cs*UgDl#jH>;|Ma z@GFH_7;THTqJAB8&W2Mj@{w5lDLYl+wW_h=w`NZznYQ6!Qe0hKnv~n#q^F4%u8u@7 zKWF&9g12vJiVrWbG73W6rSB;*o8P<52?Lx}t%vMs$_aGlbz7ZTdUmypyuNu#%Ufyr z$;sjVR8lAbqrXG(IzAe)@lGNMOSB2A*3Ye08eI0Me(|yw>D9l;TXZXgHU~Fg58AAQ zIEdMy8Z%7X>$9Jea;Z{X-I&idc{o0x0c5mPVzJ*}!Grn1+k&jA<=*q<1TgXiWP^kk zaZzsQv9!>b`l8k;w^}$(spv7j2VI~Lns&#>NS_y0JgSN3yQ9~9AsuE;(90U$DP%^5 z$?+CF4ZzlEoC=-mXcq7h9nC_sQf0#J-tk+)cvTFX_keLH;O8 z9Gg~@asq1>ikf%mnLcKd%CpXop;L+?Y!Q}!R&}9VXC+}4xxrdE;O`qDj(0I5=ZR0J znUAdd`U!AmnO!ze+dh%G9%Wf9GudT7Q?aAeE@A4!p8+`@lCGiJ7?C=m7Boph_j-#WtzLxaHpydVy z#G1;$$;rvi4(hk@o`De%hy?{ZZv0uFSJkzZ?w0yBW(UM(=cbNRWj$2Cn{mv4I)B2o zm?;U`6y5!=44>^4dPOKKL+Sqho|>9^W_A`80WM6e%aj!r6}7vo3%1u(ik$zK2KeT0 zmXA zUbS2R>{qr1>}3gqzyG`N!FmV!?_w?Cf7m}TFc0BBHUvywhw?vi2W$bQfl1^1_bCAw z(D&cPf3W=P)enXLpQ5CcYF$)vYU#y{0ub>u4gcqD`zPMAb?qV^8mnR#94bTQpZ|Fq dl4N>!F1TBW9kL37>b({zEiNxsAz~Q#{{S-$C;tEd literal 0 HcmV?d00001 diff --git a/windows/client-management/introduction-page-file.md b/windows/client-management/introduction-page-file.md new file mode 100644 index 0000000000..662ae5f90e --- /dev/null +++ b/windows/client-management/introduction-page-file.md @@ -0,0 +1,70 @@ +--- +title: Introduction to the page file +description: Learn about the page files in Windows. +ms.prod: w10 +ms.sitesec: library +ms.topic: troubleshooting +author: Deland-Han +ms.localizationpriority: medium +ms.author: delhan +ms.reviewer: greglin +manager: willchen +--- + +# Introduction to page files + +A page file (also known as a "paging file") is an optional, hidden system file on a hard disk. + +## Functionality + +Page files have the following functionalities. + +### Physical extension of RAM + +Page files enable the system to remove infrequently accessed modified pages from physical memory to let the system use physical memory more efficiently for more frequently accessed pages. + +### Application requirements + +Some products or services require a page file for various reasons. For specific information, check the product documentation. + +For example, the following Windows servers requires page files: + +- Windows Server domain controllers (DCs) +- DFS Replication (DFS-R) servers +- Certificate servers +- ADAM/LDS servers + +This is because the algorithm of the database cache for Extensible Storage Engine (ESENT, or ESE in Microsoft Exchange Server) depends on the "\Memory\Transition Pages RePurposed/sec" performance monitor counter. A page file is required to make sure that the database cache can release memory if other services or applications request memory. + +For Windows Server 2012 Hyper-V and Windows Server 2012 R2 Hyper-V, the page file of the management OS (commonly called the host OS) should be left at the default of setting of "System Managed" . + +### Support for system crash dumps + +Page files can be used to "back" (or support) system crash dumps and extend how much system-committed memory (also known as “virtual memory”) a system can support. + +For more information about system crash dumps, see [system crash dump options](system-failure-recovery-options.md#under-write-debugging-information). + +## Page files in Windows with large physical memory + +When large physical memory is installed, a page file might not be required to support the system commit charge during peak usage. For example, 64-bit versions of Windows and Windows Server support more physical memory (RAM) than 32-bit versions support. The available physical memory alone might be large enough. + +However, the reason to configure the page file size has not changed. It has always been about supporting a system crash dump, if it is necessary, or extending the system commit limit, if it is necessary. For example, when a lot of physical memory is installed, a page file might not be required to back the system commit charge during peak usage. The available physical memory alone might be large enough to do this. However, a page file or a dedicated dump file might still be required to back a system crash dump. + +## System committed memory + +Page files extend how much "committed memory" (also known as "virtual memory") is used to store modified data. + +The system commit memory limit is the sum of physical memory and all page files combined. It represents the maximum system-committed memory (also known as the "system commit charge") that the system can support. + +![Task manager](images/task-manager.png) + +The system commit charge is the total committed or "promised" memory of all committed virtual memory in the system. If the system commit charge reaches the system commit limit, the system and processes might not get committed memory. This condition can cause freezing, crashing, and other malfunctions. Therefore, make sure that you set the system commit limit high enough to support the system commit charge during peak usage. + +![Out of memory](images/out-of-memory.png) + +![Task Manager](images/task-manager-commit.png) + +The system committed charge and system committed limit can be measured on the **Performance** tab in Task Manager or by using the "\Memory\Committed Bytes" and "\Memory\Commit Limit" performance counters. The \Memory\% Committed Bytes In Use counter is a ratio of \Memory\Committed Bytes to \Memory\Commit Limit values. + +>[!Note] +>System-managed page files automatically grow up to three times the physical memory or 4 GB (whichever is larger) when the system commit charge reaches 90 percent of the system commit limit. This assumes that enough free disk space is available to accommodate the growth. diff --git a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md index 300711d733..5bdd2eaf0f 100644 --- a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md +++ b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md @@ -50,17 +50,17 @@ New-CimInstance -Namespace $namespaceName -ClassName $className -Property @{Pare Get-CimInstance -Namespace $namespaceName -ClassName $className # Query instances with matching properties -Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" +Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" # Modify existing instance -$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" +$obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" $obj.WLANScanMode=500 Set-CimInstance -CimInstance $obj # Delete existing instance try { - $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" + $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT/Policy/Config' and InstanceID='WiFi'" Remove-CimInstance -CimInstance $obj } catch [Exception] @@ -113,9 +113,9 @@ $session = New-CimSession # Create a new instance for MDM_Policy_User_Config01_Authentication02 ########################################################################## $newInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $newInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $newInstance.CimInstanceProperties.Add($property) $property = [Microsoft.Management.Infrastructure.CimProperty]::Create("AllowEAPCertSSO", 1, "Sint32", "Property") $newInstance.CimInstanceProperties.Add($property) @@ -138,9 +138,9 @@ $session.EnumerateInstances($namespaceName, $className, $options) # with matching properties ########################################################################## $getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $getInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $getInstance.CimInstanceProperties.Add($property) try { @@ -155,9 +155,9 @@ catch [Exception] # Modify existing instance for MDM_Policy_User_Config01_Authentication02 ########################################################################## $getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $getInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $getInstance.CimInstanceProperties.Add($property) try { @@ -174,9 +174,9 @@ catch [Exception] # Delete existing instance for MDM_Policy_User_Config01_Authentication02 ########################################################################## $getInstance = New-Object Microsoft.Management.Infrastructure.CimInstance $className, $namespaceName -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("ParentID", './Vendor/MSFT/Policy/Config', "string", "Key") $getInstance.CimInstanceProperties.Add($property) -$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") +$property = [Microsoft.Management.Infrastructure.CimProperty]::Create("InstanceID", 'Authentication', "String", "Key") $getInstance.CimInstanceProperties.Add($property) try { @@ -209,7 +209,7 @@ $params.Add($param) try { - $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'" + $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='WindowsLicensing'" $session.InvokeMethod($namespaceName, $instance, $methodName, $params) } catch [Exception] diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md index 2c02926ece..da9546ba23 100644 --- a/windows/client-management/new-policies-for-windows-10.md +++ b/windows/client-management/new-policies-for-windows-10.md @@ -25,6 +25,232 @@ ms.topic: reference Windows 10 includes the following new policies for management. [Download the complete set of Administrative Template (.admx) files for Windows 10](https://www.microsoft.com/download/details.aspx?id=56121). + +## New Group Policy settings in Windows 10, version 1809 + +The following Group Policy settings were added in Windows 10, version 1809: + +**Start Menu and Taskbar** + +- Start Menu and Taskbar\Force Start to be either full screen size or menu size +- Start Menu and Taskbar\Remove "Recently added" list from Start Menu +- Start Menu and Taskbar\Remove All Programs list from the Start menu +- Start Menu and Taskbar\Remove frequent programs list from the Start Menu + +**System** + +- System\Group Policy\Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services +- System\Group Policy\Configure Applications preference extension policy processing +- System\Group Policy\Configure Data Sources preference extension policy processing +- System\Group Policy\Configure Devices preference extension policy processing +- System\Group Policy\Configure Drive Maps preference extension policy processing +- System\Group Policy\Configure Environment preference extension policy processing +- System\Group Policy\Configure Files preference extension policy processing +- System\Group Policy\Configure Folder Options preference extension policy processing +- System\Group Policy\Configure Folders preference extension policy processing +- System\Group Policy\Configure Ini Files preference extension policy processing +- System\Group Policy\Configure Internet Settings preference extension policy processing +- System\Group Policy\Configure Local Users and Groups preference extension policy processing +- System\Group Policy\Configure Network Options preference extension policy processing +- System\Group Policy\Configure Network Shares preference extension policy processing +- System\Group Policy\Configure Power Options preference extension policy processing +- System\Group Policy\Configure Printers preference extension policy processing +- System\Group Policy\Configure Regional Options preference extension policy processing +- System\Group Policy\Configure Registry preference extension policy processing +- System\Group Policy\Configure Scheduled Tasks preference extension policy processing +- System\Group Policy\Configure Services preference extension policy processing +- System\Group Policy\Configure Shortcuts preference extension policy processing +- System\Group Policy\Configure Start Menu preference extension policy processing +- System\Group Policy\Logging and tracing\Configure Applications preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Data Sources preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Devices preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Drive Maps preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Environment preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Files preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Folder Options preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Folders preference logging and tracing +- System\Group Policy\Logging and tracing\Configure INI Files preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Internet Settings preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Local Users and Groups preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Network Options preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Network Shares preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Power Options preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Printers preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Regional Options preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Registry preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Scheduled Tasks preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Services preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Shortcuts preference logging and tracing +- System\Group Policy\Logging and tracing\Configure Start Menu preference logging and tracing +- System\Kernel DMA Protection\Enumeration policy for external devices incompatible with Kernel DMA Protection +- System\OS Policies\Allow Clipboard History +- System\OS Policies\Allow Clipboard synchronization across devices + +**Windows Components** + +- Windows Components\Data Collection and Preview Builds\Configure Microsoft 365 Update Readiness upload endpoint +- Windows Components\Data Collection and Preview Builds\Disable deleting diagnostic data +- Windows Components\Data Collection and Preview Builds\Disable diagnostic data viewer +- Windows Components\Delivery Optimization\[Reserved for future use] Cache Server Hostname +- Windows Components\Location and Sensors\Windows Location Provider\Turn off Windows Location Provider +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\DFS Management +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\File Server Resource Manager +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Share and Storage Management +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Storage Manager for SANs +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\DFS Management Extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Disk Management Extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\File Server Resource Manager Extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Share and Storage Management Extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins\Storage Manager for SANS Extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy Management Editor +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy Starter GPO Editor +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Application snap-ins +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Applications preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Control Panel Settings (Computers) +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Control Panel Settings (Users) +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Data Sources preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Devices preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Drive Maps preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Environment preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Files preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Folder Options preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Folders preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Ini Files preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Internet Settings preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Local Users and Groups preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Network Options preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Network Shares preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Power Options preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Preferences tab +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Printers preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Regional Options preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Registry preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Scheduled Tasks preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Services preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Shortcuts preference extension +- Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Preference snap-in extensions\Permit use of Start Menu preference extension +- Windows Components\OOBE\Don't launch privacy settings experience on user logon +- Windows Components\OOBE\Don't launch privacy settings experience on user logon +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Do not use Remote Desktop Session Host server IP address when virtual IP address is not available +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Select the network adapter to be used for Remote Desktop IP Virtualization +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Turn off Windows Installer RDS Compatibility +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibility\Turn on Remote Desktop IP Virtualization +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Allow remote start of unlisted programs +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Turn off Fair Share CPU Scheduling +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Allow time zone redirection +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow Clipboard redirection +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection\Redirect only the default client printer +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection\Redirect only the default client printer +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\RD Connection Broker\Use RD Connection Broker load balancing +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Allow desktop composition for remote desktop sessions +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Always show desktop on connection +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Do not allow font smoothing +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Remove remote desktop wallpaper +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\Set time limit for logoff of RemoteApp sessions +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\Set time limit for logoff of RemoteApp sessions +- Windows Components\Windows Defender Antivirus\Configure detection for potentially unwanted applications +- Windows Components\Windows Defender Antivirus\Scan\Configure low CPU priority for scheduled scans +- Windows Components\Windows Defender Application Guard\Allow camera and microphone access in Windows Defender Application Guard +- Windows Components\Windows Defender Application Guard\Allow users to trust files that open in Windows Defender Application Guard +- Windows Components\Windows Defender Application Guard\Allow Windows Defender Application Guard to use Root Certificate Authorities from the user’s device +- Windows Components\Windows Defender Application Guard\Configure additional sources for untrusted files in Windows Defender Application Guard +- Windows Components\Windows Hello for Business\Use Windows Hello for Business certificates as smart card certificates +- Windows Components\Windows Media Player\Do Not Show First Use Dialog Boxes +- Windows Components\Windows Media Player\Prevent Automatic Updates +- Windows Components\Windows Media Player\Prevent CD and DVD Media Information Retrieval +- Windows Components\Windows Media Player\Prevent Desktop Shortcut Creation +- Windows Components\Windows Media Player\Prevent Media Sharing +- Windows Components\Windows Media Player\Prevent Music File Media Information Retrieval +- Windows Components\Windows Media Player\Prevent Quick Launch Toolbar Shortcut Creation +- Windows Components\Windows Media Player\Prevent Radio Station Preset Retrieval +- Windows Components\Windows Media Player\Prevent Video Smoothing +- Windows Components\Windows Media Player\Networking\Configure HTTP Proxy +- Windows Components\Windows Media Player\Networking\Configure MMS Proxy +- Windows Components\Windows Media Player\Networking\Configure Network Buffering +- Windows Components\Windows Media Player\Networking\Configure RTSP Proxy +- Windows Components\Windows Media Player\Networking\Hide Network Tab +- Windows Components\Windows Media Player\Networking\Streaming Media Protocols +- Windows Components\Windows Media Player\Playback\Allow Screen Saver +- Windows Components\Windows Media Player\Playback\Prevent Codec Download +- Windows Components\Windows Media Player\User Interface\Do Not Show Anchor +- Windows Components\Windows Media Player\User Interface\Hide Privacy Tab +- Windows Components\Windows Media Player\User Interface\Hide Security Tab +- Windows Components\Windows Media Player\User Interface\Set and Lock Skin +- Windows Components\Windows Security\Account protection\Hide the Account protection area +- Windows Components\Windows Security\App and browser protection\Hide the App and browser protection area +- Windows Components\Windows Security\App and browser protection\Prevent users from modifying settings +- Windows Components\Windows Security\Device performance and health\Hide the Device performance and health area +- Windows Components\Windows Security\Device security\Disable the Clear TPM button +- Windows Components\Windows Security\Device security\Hide the Device security area +- Windows Components\Windows Security\Device security\Hide the Secure boot area +- Windows Components\Windows Security\Device security\Hide the Security processor (TPM) troubleshooter page +- Windows Components\Windows Security\Device security\Hide the TPM Firmware Update recommendation +- Windows Components\Windows Security\Enterprise Customization\Configure customized contact information +- Windows Components\Windows Security\Enterprise Customization\Configure customized notifications +- Windows Components\Windows Security\Enterprise Customization\Specify contact company name +- Windows Components\Windows Security\Enterprise Customization\Specify contact email address or Email ID +- Windows Components\Windows Security\Enterprise Customization\Specify contact phone number or Skype ID +- Windows Components\Windows Security\Enterprise Customization\Specify contact website +- Windows Components\Windows Security\Family options\Hide the Family options area +- Windows Components\Windows Security\Firewall and network protection\Hide the Firewall and network protection area +- Windows Components\Windows Security\Notifications\Hide all notifications +- Windows Components\Windows Security\Notifications\Hide non-critical notifications +- Windows Components\Windows Security\Systray\Hide Windows Security Systray +- Windows Components\Windows Security\Virus and threat protection\Hide the Ransomware data recovery area +- Windows Components\Windows Security\Virus and threat protection\Hide the Virus and threat protection area +- Windows Components\Windows Update\Display options for update notifications +- Windows Components\Windows Update\Remove access to "Pause updates" feature + +**Control Panel** + +- Control Panel\Settings Page Visibility +- Control Panel\Regional and Language Options\Allow users to enable online speech recognition services + +**Network** + +- Network\Windows Connection Manager\Enable Windows to soft-disconnect a computer from a network + + +## New Group Policy settings in Windows 10, version 1803 + +The following Group Policy settings were added in Windows 10, version 1803: + +**System** + +- System\Credentials Delegation\Encryption Oracle Remediation +- System\Group Policy\Phone-PC linking on this device +- System\OS Policies\Allow upload of User Activities + +**Windows Components** + +- Windows Components\App Privacy\Let Windows apps access an eye tracker device +- Windows Components\Cloud Content\Turn off Windows Spotlight on Settings +- Windows Components\Data Collection and Preview Builds\Allow device name to be sent in Windows diagnostic data +- Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in setting user interface +- Windows Components\Data Collection and Preview Builds\Configure telemetry opt-in change notifications +- Windows Components\Delivery Optimization\Maximum Background Download Bandwidth (percentage) +- Windows Components\Delivery Optimization\Maximum Foreground Download Bandwidth (percentage) +- Windows Components\Delivery Optimization\Select the source of Group IDs +- Windows Components\Delivery Optimization\Delay background download from http (in secs) +- Windows Components\Delivery Optimization\Delay Foreground download from http (in secs) +- Windows Components\Delivery Optimization\Select a method to restrict Peer Selection +- Windows Components\Delivery Optimization\Set Business Hours to Limit Background Download Bandwidth +- Windows Components\Delivery Optimization\Set Business Hours to Limit Foreground Download Bandwidth +- Windows Components\IME\Turn on Live Sticker +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow video capture redirection +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Use hardware graphics adapters for all Remote Desktop Services sessions +- Windows Components\Search\Allow Cortana Page in OOBE on an AAD account +- Windows Components\Store\Disable all apps from Microsoft Store +- Windows Components\Text Input\Allow Uninstallation of Language Features +- Windows Components\Text Input\Improve inking and typing recognition +- Windows Components\Windows Defender Application Guard\Allow hardware-accelerated rendering for Windows Defender Application Guard +- Windows Components\Windows Defender Security Center\Account protection\Hide the Account protection area +- Windows Components\Windows Defender Security Center\Device security\Hide the Device security area +- Windows Components\Windows Defender Security Center\Device security\Hide the Security processor (TPM) troubleshooter page +- Windows Components\Windows Defender Security Center\Device security\Hide the Secure boot area +- Windows Components\Windows Defender Security Center\Virus and threat protection\Hide the Ransomware data recovery area + + ## New Group Policy settings in Windows 10, version 1709 The following Group Policy settings were added in Windows 10, version 1709: diff --git a/windows/client-management/system-failure-recovery-options.md b/windows/client-management/system-failure-recovery-options.md new file mode 100644 index 0000000000..04dcbbafc9 --- /dev/null +++ b/windows/client-management/system-failure-recovery-options.md @@ -0,0 +1,205 @@ +--- +title: Configure system failure and recovery options in Windows +description: Learn about the system failure and recovery options in Windows. +ms.prod: w10 +ms.sitesec: library +ms.topic: troubleshooting +author: Deland-Han +ms.localizationpriority: medium +ms.author: delhan +ms.date: 8/22/2019 +ms.reviewer: +manager: dcscontentpm +--- + +# Configure system failure and recovery options in Windows + +This article describes how to configure the actions that Windows takes when a system error (also referred to as a bug check, system crash, fatal system error, or Stop error) occurs. You can configure the following actions: + +- Write an event to the System log. + +- Alert administrators (if you have set up administrative alerts). + +- Put system memory into a file that advanced users can use for debugging. + +- Automatically restart the computer. + +>[!Note] +> You must be logged on as an administrator or a member of the Administrators group to complete this procedure. If your computer is connected to a network, network policy settings may prevent you from completing this procedure. + +## Configuring system failure and recovery options + +> [!IMPORTANT] +> Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, [back up the registry for restoration](https://support.microsoft.com/help/322756) in case problems occur. + +The options are available in the **Startup and Recovery** dialog box. You can also use the following methods: + +- Modify the values under the following registry subkey: + + **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl** + +- To modify the option on your local computer, use the command line utility (Wmic.exe) to access Windows Management Instrumentation (WMI). + +Follow these steps to view the options in **Startup and Recovery**. (The registry value and Wmic commands are also listed for each option.) + +1. In Control Panel, select **System and Security > System**. + +2. Select **Advanced system settings**, select the **Advanced** tab, and select **Settings** in the **Startup and Recovery** area. + +### Under "System failure" + +Select the check boxes for the actions that you want Windows to perform when a system error occurs. + +#### Write an event to the System log + +This option specifies that event information is recorded in the System log. By default, this option is turned on. + +To turn off this option, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set WriteToSystemLog = False + ``` + +- Set the **LogEvent** DWORD value to **0**. + +#### Send an administrative alert + +The option specifies that administrators are notified of the system error if you configured administrative alerts. By default, this option is turned on. + +To turn off this option, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set SendAdminAlert = False + ``` + +- Set the **SendAlert** DWORD value to **0**. + +#### Automatically restart + +The option specifies that Windows automatically restarts your computer. By default, this option is turned on. + +To turn off this option, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set AutoReboot = False + ``` + +- Set the **AutoReboot** DWORD value to **0**. + +### Under "Write debugging information" + +Select one of the following type of information that you want Windows to record in a memory dump file if the computer stops unexpectedly: + +#### (none) + +The option does not record any information in a memory dump file. + +To specify that you do not want Windows to record information in a memory dump file, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set DebugInfoType = 0 + ``` +- Set the **CrashDumpEnabled** DWORD value to **0**. + +#### Small Memory Dump + +The option records the smallest amount of information to help identify the problem. This option requires a paging file of at least 2 megabytes (MB) on the boot volume of your computer, and specifies that Windows will create a new file each time the system stops unexpectedly. A history of these files is stored in the folder that is listed under Small Dump Directory (%SystemRoot%\Minidump). In Windows XP and Windows Server 2003, the small memory dump file is used together with the Windows Error Reporting feature. + +To specify that you want to use a small memory dump file, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set DebugInfoType = 3 + ``` + +- Set the **CrashDumpEnabled** DWORD value to **3**. + +To specify that you want to use a folder as your Small Dump Directory, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set MiniDumpDirectory = + ``` + +- Set the **MinidumpDir** Expandable String Value to \. + +#### Kernel Memory Dump + +The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the **Overwrite any existing file** check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer However, the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB. On a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB. The following table provides guidelines for the size of the paging file: + +|RAM size |Paging file should be no smaller than| +|-------|-----------------| +|256 MB–1,373 MB |1.5 times the RAM size| +|1,374 MB or greater |32-bit system: 2 GB plus 16 MB
      64-bit system: size of the RAM plus 128 MB| + +To specify that you want to use a kernel memory dump file, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set DebugInfoType = 2 + ``` + +- Set the **CrashDumpEnabled** DWORD value to **2**. + +To specify that you want to use a file as your memory dump file, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set DebugFilePath = + ``` + +- Set the **DumpFile** Expandable String Value to \. + +To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set OverwriteExistingDebugFile = 0 + ``` + +- Set the **Overwrite** DWORD value to **0**. + +#### Complete Memory Dump + +The option records the contents of system memory when the computer stops unexpectedly. This option is not available on computers that have 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default. + +The extra megabyte is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information does not require a full megabyte of space, but Windows sizes your paging file in increments of megabytes. + +To specify that you want to use a complete memory dump file, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set DebugInfoType = 1 + ``` + +- Set the **CrashDumpEnabled** DWORD value to **1**. + +To specify that you want to use a file as your memory dump file, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set DebugFilePath = + ``` + +- Set the DumpFile Expandable String Value to \. + +To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value: + +- ```cmd + wmic recoveros set OverwriteExistingDebugFile = 0 + ``` + +- Set the **Overwrite** DWORD value to **0**. + +>[!Note] +>If you contact Microsoft Support about a Stop error, you might be asked for the memory dump file that is generated by the Write Debugging Information option. + +To view system failure and recovery settings for your local computer, type **wmic recoveros** at a command prompt, and then press Enter. To view system failure and recovery settings for a remote computer on your local area network, type **wmic /node: recoveros** at a command prompt, and then press Enter. + +>[!Note] +>To successfully use these Wmic.exe command line examples, you must be logged on by using a user account that has administrative rights on the computer. If you are not logged on by using a user account that has administrative rights on the computer, use the **/user:user_name** and **/password:password** switches. + +### Tips + +- To take advantage of the dump file feature, your paging file must be on the boot volume. If you have moved the paging file to another volume, you must move it back to the boot volume before you use this feature. + +- If you set the Kernel Memory Dump or the Complete Memory Dump option, and you select the **Overwrite any existing file** check box, Windows always writes to the same file name. To save individual dump files, click to clear the **Overwrite any existing file** check box, and then change the file name after each Stop error. + +- You can save some memory if you click to clear the **Write an event to the system log** and **Send an administrative alert** check boxes. The memory that you save depends on the computer, but these features typically require about 60 to 70 KB. + +## References + +[Varieties of Kernel-Mode Dump Files](https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/varieties-of-kernel-mode-dump-files) diff --git a/windows/client-management/troubleshoot-windows-startup.md b/windows/client-management/troubleshoot-windows-startup.md index 1dcdb40a64..70bda5a8f5 100644 --- a/windows/client-management/troubleshoot-windows-startup.md +++ b/windows/client-management/troubleshoot-windows-startup.md @@ -14,8 +14,40 @@ manager: dansimp # Advanced troubleshooting for Windows start-up issues -In these topics, you will learn how to troubleshoot common problems related to Windows start-up. +In these topics, you will learn how to troubleshoot common problems that are related to Windows startup. -- [Advanced troubleshooting for Windows boot problems](advanced-troubleshooting-boot-problems.md) -- [Advanced troubleshooting for Stop error or blue screen error](troubleshoot-stop-errors.md) -- [Advanced troubleshooting for Windows-based computer freeze issues](troubleshoot-windows-freeze.md) +## How it works + +When Microsoft Windows experiences a condition that compromises safe system operation, the system halts. These Windows startup problems are categorized in the following groups: + +- Bug check: Also commonly known as a system crash, a kernel error, or a Stop error. + +- No boot: The system may not produce a bug check but is unable to start up into Windows. + +- Freeze: Also known as "system hang". + +## Best practices + +To understand the underlying cause of Windows startup problems, it's important that the system be configured correctly. Here are some best practices for configuration: + +### Page file settings + +- [Introduction of page file](introduction-page-file.md) + +- [How to determine the appropriate page file size for 64-bit versions of Windows](determine-appropriate-page-file-size.md) + +### Memory dump settings + +- [Configure system failure and recovery options in Windows](system-failure-recovery-options.md) + +- [Generate a kernel or complete crash dump](generate-kernel-or-complete-crash-dump.md) + +## Troubleshooting + +These articles will walk you through the resources you need to troubleshoot Windows startup issues: + +- [Advanced troubleshooting for Windows boot problems](https://docs.microsoft.com/en-us/windows/client-management/advanced-troubleshooting-boot-problems) + +- [Advanced troubleshooting for Stop error or blue screen error](https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-stop-errors) + +- [Advanced troubleshooting for Windows-based computer freeze issues](https://docs.microsoft.com/en-us/windows/client-management/troubleshoot-windows-freeze) diff --git a/windows/configuration/kiosk-mdm-bridge.md b/windows/configuration/kiosk-mdm-bridge.md index b08ebebd2c..51eeccc08b 100644 --- a/windows/configuration/kiosk-mdm-bridge.md +++ b/windows/configuration/kiosk-mdm-bridge.md @@ -35,7 +35,8 @@ Here’s an example to set AssignedAccess configuration: $nameSpaceName="root\cimv2\mdm\dmmap" $className="MDM_AssignedAccess" $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className -$obj.Configuration = @" +Add-Type -AssemblyName System.Web +$obj.Configuration = [System.Web.HttpUtility]::HtmlEncode(@" @@ -84,7 +85,7 @@ $obj.Configuration = @" -"@ +"@) Set-CimInstance -CimInstance $obj ``` diff --git a/windows/deployment/update/how-windows-update-works.md b/windows/deployment/update/how-windows-update-works.md index 0cce8e0389..e71e615d1f 100644 --- a/windows/deployment/update/how-windows-update-works.md +++ b/windows/deployment/update/how-windows-update-works.md @@ -16,7 +16,7 @@ ms.topic: article # How does Windows Update work? ->Applies to: Windows 10 +> Applies to: Windows 10 The Windows Update workflow has four core areas of functionality: @@ -35,7 +35,7 @@ The Windows Update workflow has four core areas of functionality: ### Install -1. Orchestrator initates the installation. +1. Orchestrator initiates the installation. 2. The arbiter calls the installer to install the package. @@ -96,8 +96,8 @@ When users start scanning in Windows Update through the Settings panel, the foll ![Windows Update scan log 2](images/update-scan-log-2.png) - Common service IDs - >[!IMPORTANT] - >ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to, it's totally controlled by the SLS responses. + > [!IMPORTANT] + > ServiceId here identifies a client abstraction, not any specific service in the cloud. No assumption should be made of which server a serviceId is pointing to, it's totally controlled by the SLS responses. |Service|ServiceId| |-------|---------| @@ -116,8 +116,8 @@ Common update failure is caused due to network issues. To find the root of the i - "SOAP faults" can be either client- or server-side issues; read the message. - The WU client uses SLS (Service Locator Service) to discover the configurations and endpoints of Microsoft network update sources – WU, MU, Flighting. - >[!NOTE] - >Warning messages for SLS can be ignored if the search is against WSUS/SCCM. + > [!NOTE] + > Warning messages for SLS can be ignored if the search is against WSUS/SCCM. - On sites that only use WSUS/SCCM, the SLS may be blocked at the firewall. In this case the SLS request will fail, and can’t scan against Windows Update or Microsoft Update but can still scan against WSUS/SCCM, since it’s locally configured. ![Windows Update scan log 3](images/update-scan-log-3.png) diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md index 49efd6e3b2..02b95b42a5 100644 --- a/windows/deployment/update/waas-overview.md +++ b/windows/deployment/update/waas-overview.md @@ -132,7 +132,7 @@ Specialized systems—such as devices that control medical equipment, point-of-s > [!NOTE] > Windows 10 Enterprise LTSB is a separate Long Term Servicing Channel version. > ->Long-term Servicing channel is not intended for deployment on most or all the devicess in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel. +> Long-term Servicing channel is not intended for deployment on most or all the devices in an organization; it should be used only for special-purpose devices. As a general guideline, a device with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel. Microsoft never publishes feature updates through Windows Update on devices that run Windows 10 Enterprise LTSB. Instead, it typically offers new LTSC releases every 2–3 years, and organizations can choose to install them as in-place upgrades or even skip releases over a 10-year life cycle. diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md index fda8dac6f6..1b5f466c3f 100644 --- a/windows/deployment/update/waas-servicing-differences.md +++ b/windows/deployment/update/waas-servicing-differences.md @@ -25,8 +25,8 @@ Today, many enterprise customers have a mix of modern and legacy client and serv The following provides an initial overview of how updating client and server differs between the Windows 10-era Operating Systems (such as, Windows 10 version 1709, Windows Server 2016) and legacy operating systems (such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2). ->[!NOTE] ->A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc. +> [!NOTE] +> A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc. ## Infinite fragmentation Prior to Windows 10, all updates to operating system (OS) components were published individually. On "Update Tuesday," customers would pick and choose individual updates they wanted to apply. Most chose to update security fixes, while far fewer selected non-security fixes, updated drivers, or installed .NET Framework updates. @@ -87,6 +87,12 @@ Moving to the cumulative model for legacy OS versions continues to improve predi ## Public preview releases Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. +> [!NOTE] +> Only preview updates for the most recent release of Windows 10 are published to Windows Server Update Services (WSUS). For customers using the WSUS channel, and products such as System Center Configuration Manager that rely on it, will not see preview updates for older versions of Windows 10. + +> [!NOTE] +> Preview updates for Windows 10 are not named differently than their LCU counterparts and do not contain the word 'Preview'. They can be identified by their release date (C or D week) and their classification as non-security updates. + ### Examples Windows 10 version 1709: - (9B) September 11, 2018 Update Tuesday / B release - includes security, non-security and IE update. This update is categorized as "Required, Security" it requires a system reboot. diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 423c82f71c..8ba5c114c5 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -8,8 +8,10 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: deploy -audience: itpro author: greg-lindsay -ms.audience: itpro author: greg-lindsay +audience: itpro +author: greg-lindsay +ms.audience: itpro +author: greg-lindsay ms.localizationpriority: medium ms.collection: M365-analytics ms.topic: article @@ -53,12 +55,12 @@ If you've followed the steps in the [Enrolling devices in Windows Analytics](win ### Devices not appearing in Upgrade Readiness -In Log Analytics, go to **Settings > Connected sources > Windows telemetry** and verify that you are subscribed to the Windows Analytics solutions you intend to use. +In Log Analytics workspace, go to **Solutions** and verify that you are subscribed to the Windows Analytics solutions you intend to use. Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices within a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://techcommunity.microsoft.com/t5/Windows-Analytics-Blog/You-can-now-check-on-the-status-of-your-computers-within-hours/ba-p/187213) on the Tech Community Blog. >[!NOTE] -> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** remove the Upgrade Readiness solution, and then re-add it. +> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id, See [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started). If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues: @@ -230,9 +232,7 @@ We have identified an incompatibility between AbnormalShutdownCount and the Limi If you want to stop using Upgrade Readiness and stop sending diagnostic data to Microsoft, follow these steps: -1. Unsubscribe from the Upgrade Readiness solution in Azure Portal. In Azure Portal, go to **Settings** > **Connected Sources** > **Windows Telemetry** and choose the **Unsubscribe** option. - - ![Upgrade Readiness unsubscribe](images/upgrade-analytics-unsubscribe.png) +1. Delete the Upgrade Readiness solution in Log Analytics workspace. In Log Analytics workspace. select **Solutions** > **Compatibility Assessment** > **Delete**. 2. Disable the Commercial Data Opt-in Key on computers running Windows 7 SP1 or 8.1. On computers running Windows 10, set the diagnostic data level to **Security**: diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index c98b9d29d0..ead5fd7aaf 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -1,126 +1,132 @@ ---- -title: Windows Update - Additional resources -description: Additional resources for Windows Update -ms.prod: w10 -ms.mktglfcycl: -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.localizationpriority: medium -ms.audience: itpro author: greg-lindsay -ms.date: 09/18/2018 -ms.reviewer: -manager: laurawi -ms.topic: article ---- - -# Windows Update - additional resources - ->Applies to: Windows 10 - -The following resources provide additional information about using Windows Update. - -## WSUS Troubleshooting - -[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/) - -[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/) - -[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/) - -[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/) - - -## How do I reset Windows Update components? - -[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data. - - -[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update. - - -## Reset Windows Update components manually -1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER: - ``` - cmd - ``` -2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` - net stop bits - net stop wuauserv - ``` -3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER: - ``` - Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat" - ``` -4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above. - 1. Rename the following folders to *.BAK: - - %systemroot%\SoftwareDistribution\DataStore - - %systemroot%\SoftwareDistribution\Download - - %systemroot%\system32\catroot2 - - To do this, type the following commands at a command prompt. Press ENTER after you type each command. - - Ren %systemroot%\SoftwareDistribution\DataStore *.bak - - Ren %systemroot%\SoftwareDistribution\Download *.bak - - Ren %systemroot%\system32\catroot2 *.bak - 2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) - - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) -5. Type the following command at a command prompt, and then press ENTER: - ``` - cd /d %windir%\system32 - ``` -6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - - regsvr32.exe atl.dll - - regsvr32.exe urlmon.dll - - regsvr32.exe mshtml.dll - - regsvr32.exe shdocvw.dll - - regsvr32.exe browseui.dll - - regsvr32.exe jscript.dll - - regsvr32.exe vbscript.dll - - regsvr32.exe scrrun.dll - - regsvr32.exe msxml.dll - - regsvr32.exe msxml3.dll - - regsvr32.exe msxml6.dll - - regsvr32.exe actxprxy.dll - - regsvr32.exe softpub.dll - - regsvr32.exe wintrust.dll - - regsvr32.exe dssenh.dll - - regsvr32.exe rsaenh.dll - - regsvr32.exe gpkcsp.dll - - regsvr32.exe sccbase.dll - - regsvr32.exe slbcsp.dll - - regsvr32.exe cryptdlg.dll - - regsvr32.exe oleaut32.dll - - regsvr32.exe ole32.dll - - regsvr32.exe shell32.dll - - regsvr32.exe initpki.dll - - regsvr32.exe wuapi.dll - - regsvr32.exe wuaueng.dll - - regsvr32.exe wuaueng1.dll - - regsvr32.exe wucltui.dll - - regsvr32.exe wups.dll - - regsvr32.exe wups2.dll - - regsvr32.exe wuweb.dll - - regsvr32.exe qmgr.dll - - regsvr32.exe qmgrprxy.dll - - regsvr32.exe wucltux.dll - - regsvr32.exe muweb.dll - - regsvr32.exe wuwebv.dll -7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER: - ``` - netsh winsock reset - ``` -8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER: - ``` - proxycfg.exe -d - ``` -9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command. - ``` - net start bits - - net start wuauserv - ``` -10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER: - ``` - bitsadmin.exe /reset /allusers - ``` +--- +title: Windows Update - Additional resources +description: Additional resources for Windows Update +ms.prod: w10 +ms.mktglfcycl: +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.localizationpriority: medium +ms.audience: itpro +author: greg-lindsay +ms.date: 09/18/2018 +ms.reviewer: +manager: laurawi +ms.topic: article +--- + +# Windows Update - additional resources + +>Applies to: Windows 10 + +The following resources provide additional information about using Windows Update. + +## WSUS Troubleshooting + +[Troubleshooting issues with WSUS client agents](https://support.microsoft.com/help/10132/) + +[How to troubleshoot WSUS](https://support.microsoft.com/help/4025764/) + +[Error 80244007 when WSUS client scans for updates](https://support.microsoft.com/help/4096317/) + +[Updates may not be installed with Fast Startup in Windows 10](https://support.microsoft.com/help/4011287/) + + +## How do I reset Windows Update components? + +[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data. + + +[This script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allow reset the Windows Update Agent resolving issues with Windows Update. + + +## Reset Windows Update components manually +1. Open a Windows command prompt. To open a command prompt, click **Start > Run**. Copy and paste (or type) the following command and then press ENTER: + ``` + cmd + ``` +2. Stop the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command. + ``` + net stop bits + net stop wuauserv + ``` +3. Delete the qmgr\*.dat files. To do this, type the following command at a command prompt, and then press ENTER: + ``` + Del "%ALLUSERSPROFILE%\Application Data\Microsoft\Network\Downloader\qmgr*.dat" + ``` +4. If this is your first attempt at resolving your Windows Update issues by using the steps in this article, go to step 5 without carrying out the steps in step 4. The steps in step 4 should only be performed at this point in the troubleshooting if you cannot resolve your Windows Update issues after following all steps but step 4. The steps in step 4 are also performed by the "Aggressive" mode of the Fix it Solution above. + 1. Rename the following folders to *.BAK: + - %systemroot%\SoftwareDistribution\DataStore + - %systemroot%\SoftwareDistribution\Download + - %systemroot%\system32\catroot2 + + To do this, type the following commands at a command prompt. Press ENTER after you type each command. + - Ren %systemroot%\SoftwareDistribution\DataStore *.bak + - Ren %systemroot%\SoftwareDistribution\Download *.bak + - Ren %systemroot%\system32\catroot2 *.bak + 2. Reset the BITS service and the Windows Update service to the default security descriptor. To do this, type the following commands at a command prompt. Press ENTER after you type each command. + - sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) + - sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU) +5. Type the following command at a command prompt, and then press ENTER: + ``` + cd /d %windir%\system32 + ``` +6. Reregister the BITS files and the Windows Update files. To do this, type the following commands at a command prompt. Press ENTER after you type each command. + + ``` + regsvr32.exe atl.dll + regsvr32.exe urlmon.dll + regsvr32.exe mshtml.dll + regsvr32.exe shdocvw.dll + regsvr32.exe browseui.dll + regsvr32.exe jscript.dll + regsvr32.exe vbscript.dll + regsvr32.exe scrrun.dll + regsvr32.exe msxml.dll + regsvr32.exe msxml3.dll + regsvr32.exe msxml6.dll + regsvr32.exe actxprxy.dll + regsvr32.exe softpub.dll + regsvr32.exe wintrust.dll + regsvr32.exe dssenh.dll + regsvr32.exe rsaenh.dll + regsvr32.exe gpkcsp.dll + regsvr32.exe sccbase.dll + regsvr32.exe slbcsp.dll + regsvr32.exe cryptdlg.dll + regsvr32.exe oleaut32.dll + regsvr32.exe ole32.dll + regsvr32.exe shell32.dll + regsvr32.exe initpki.dll + regsvr32.exe wuapi.dll + regsvr32.exe wuaueng.dll + regsvr32.exe wuaueng1.dll + regsvr32.exe wucltui.dll + regsvr32.exe wups.dll + regsvr32.exe wups2.dll + regsvr32.exe wuweb.dll + regsvr32.exe qmgr.dll + regsvr32.exe qmgrprxy.dll + regsvr32.exe wucltux.dll + regsvr32.exe muweb.dll + regsvr32.exe wuwebv.dll + ``` + +7. Reset Winsock. To do this, type the following command at a command prompt, and then press ENTER: + ``` + netsh winsock reset + ``` +8. If you are running Windows XP or Windows Server 2003, you have to set the proxy settings. To do this, type the following command at a command prompt, and then press ENTER: + ``` + proxycfg.exe -d + ``` +9. Restart the BITS service and the Windows Update service. To do this, type the following commands at a command prompt. Press ENTER after you type each command. + ``` + net start bits + + net start wuauserv + ``` +10. If you are running Windows Vista or Windows Server 2008, clear the BITS queue. To do this, type the following command at a command prompt, and then press ENTER: + ``` + bitsadmin.exe /reset /allusers + ``` diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md index f468627408..0a503b2010 100644 --- a/windows/deployment/upgrade/setupdiag.md +++ b/windows/deployment/upgrade/setupdiag.md @@ -213,7 +213,7 @@ Each rule name and its associated unique rule identifier are listed with a descr 8. CompatBlockedApplicationAutoUninstall – BEBA5BC6-6150-413E-8ACE-5E1EC8D34DD5 - This rule indicates there is an application that needs to be uninstalled before setup can continue. 9. CompatBlockedApplicationDismissable - EA52620B-E6A0-4BBC-882E-0686605736D9 - - When running setup in /quiet mode, there are dismissible application messages that turn into blocks unless the command line also specifies “/compat /ignore warning”. This rule indicates setup was executed in /quiet mode but there is an application dismissible block message that have prevented setup from continuing. + - When running setup in /quiet mode, there are dismissible application messages that turn into blocks unless the command line also specifies “/compat ignorewarning”. This rule indicates setup was executed in /quiet mode but there is an application dismissible block message that have prevented setup from continuing. 10. CompatBlockedApplicationManualUninstall - 9E912E5F-25A5-4FC0-BEC1-CA0EA5432FF4 - This rule indicates that an application without an Add/Remove Programs entry, is present on the system and blocking setup from continuing. This typically requires manual removal of the files associated with this application to continue. 11. HardblockDeviceOrDriver - ED3AEFA1-F3E2-4F33-8A21-184ADF215B1B diff --git a/windows/deployment/windows-autopilot/autopilot-support.md b/windows/deployment/windows-autopilot/autopilot-support.md index b3e02db65f..b93ac48408 100644 --- a/windows/deployment/windows-autopilot/autopilot-support.md +++ b/windows/deployment/windows-autopilot/autopilot-support.md @@ -7,7 +7,8 @@ ms.mktglfcycl: deploy ms.localizationpriority: low ms.sitesec: library ms.pagetype: deploy -audience: itpro author: greg-lindsay +audience: itpro +author: greg-lindsay ms.author: greglin ms.date: 10/31/2018 ms.reviewer: @@ -29,9 +30,8 @@ Before contacting the resources listed below for Windows Autopilot-related issue |---------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | OEM or Channel Partner registering devices as a CSP (via MPC) | Use the help resources available in MPC. Whether you are a named partner or a channel partner (distributor, reseller, SI, etc.), if you’re a CSP registering Autopilot devices through MPC (either manually or through the MPC API), your first-line of support should be the help resources within MPC. | | OEM registering devices using OEM Direct API | Contact MSOEMOPS@microsoft.com. Response time depends on priority:
      Low – 120 hours
      Normal – 72 hours
      High – 24 hours
      Immediate – 4 hours | -| OEM with a PFE | Reach out to your PFE for support. | | Partners with a Partner Technology Strategist (PTS) | If you have a PTS (whether you’re a CSP or not), you may first try working through your account’s specific Partner Technology Strategist (PTS). | -| Partners with an Ecosystem PM | If you have an Ecosystem PM (whether you’re a CSP or not), you may first try working through your account’s specific Ecosystem PM, especially for technical issues. | +| Partners with an Ecosystem PM | If you have an Ecosystem PM (whether you’re a CSP or not), you may first try working through your account’s specific Ecosystem PM, especially for technical issues. To learn more about Ecosystem PMs and the services they offer, contact epsoinfo@microsoft.com. | | Enterprise customers | Contact your Technical Account Manager (TAM), or Account Technology Strategist (ATS), or Customer Service Support (CSS) representative. | | End-user | Contact your IT administrator. | | Microsoft Partner Center (MPC) users | Use the [help resources](https://partner.microsoft.com/support) available in MPC. | diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md index 9aa928f3f9..1baaf03dea 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-requirements.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements.md @@ -46,9 +46,10 @@ Windows Autopilot depends on a variety of internet-based services. Access to the In environments that have more restrictive Internet access, or for those that require authentication before internet access can be obtained, additional configuration may be required to whitelist access to the required services. For additional details about each of these services and their specific requirements, review the following details:
      ServiceInformation -
      Windows Autopilot Deployment Service and Windows ActivationAfter a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 builds 18204 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com.
      - -For all supported Windows 10 releases, Windows Autopilot also uses Windows Activation services. See Windows activation or validation fails with error code 0x8004FE33 for details about problems that might occur when you connect to the Internet through a proxy server. +
      Windows Autopilot Deployment ServiceAfter a network connection is in place, each Windows 10 device will contact the Windows Autopilot Deployment Service. With Windows 10 version 1903 and above, the following URLs are used: https://ztd.dds.microsoft.com, https://cs.dds.microsoft.com.
      + +
      Windows ActivationWindows Autopilot also requires Windows Activation services. See Windows activation or validation fails with error code 0x8004FE33 for details about the URLs that need to be accessible for the activation services.
      +
      Azure Active DirectoryUser credentials are validated by Azure Active Directory, and the device can also be joined to Azure Active Directory. See Office 365 IP Address and URL Web service for more information.
      IntuneOnce authenticated, Azure Active Directory will trigger enrollment of the device into the Intune MDM service. See the following link for details about network communication requirements: Intune network configuration requirements and bandwidth.
      Windows UpdateDuring the OOBE process, as well as after the Windows 10 OS is fully configured, the Windows Update service is leveraged to retrieve needed updates. If there are problems connecting to Windows Update, see How to solve connection problems concerning Windows Update or Microsoft Update.
      diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index eabfaa9012..57a7a4c18d 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,7 +50,7 @@ sections: text: " - + diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md index a583960ecd..b8b2673d47 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md @@ -113,7 +113,7 @@ You can do this by using either the Control Panel or the Deployment Image Servic You can also enable Windows Defender Credential Guard by using the [Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). ``` -DG_Readiness_Tool_v3.5.ps1 -Enable -AutoReboot +DG_Readiness_Tool_v3.6.ps1 -Enable -AutoReboot ``` > [!IMPORTANT] > When running the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSArch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. @@ -136,7 +136,7 @@ You can view System Information to check that Windows Defender Credential Guard You can also check that Windows Defender Credential Guard is running by using the [Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). ``` -DG_Readiness_Tool_v3.5.ps1 -Ready +DG_Readiness_Tool_v3.6.ps1 -Ready ``` > [!IMPORTANT] > When running the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool on a non-English operating system, within the script, change `*$OSArch = $(gwmi win32_operatingsystem).OSArchitecture` to be `$OSAch = $((gwmi win32_operatingsystem).OSArchitecture).tolower()` instead, in order for the tool to work. diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md index 662c89648d..3da855c332 100644 --- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md +++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md @@ -332,6 +332,7 @@ The Group Policy object contains the policy settings needed to trigger Windows H > * PIN **must** be in at least one of the groups > * Trusted signals **must** be combined with another credential provider > * You cannot use the same unlock factor to satisfy both categories. Therefore, if you include any credential provider in both categories, it means it can satisfy either category, but not both. +> * The multifactor unlock feature is also supported via the Passport for Work CSP. See [Passport For Work CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp) for more information. 1. Start the **Group Policy Management Console** (gpmc.msc) 2. Expand the domain and select the **Group Policy Object** node in the navigation pane. diff --git a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index 5ee54b85a9..6ae66b3225 100644 --- a/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -82,6 +82,10 @@ Microsoft still has apps that are unenlightened, but which have been tested and - Skype for Business ## Adding enlightened Microsoft apps to the allowed apps list + +> [!NOTE] +> As of January 2019 it is no longer necessary to add Intune Company Portal as an exempt app since it is now included in the default list of protected apps. + You can add any or all of the enlightened Microsoft apps to your allowed apps list. Included here is the **Publisher name**, **Product or File name**, and **App Type** info for both Microsoft Intune and System Center Configuration Manager. diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md index 0852a6c1be..fab8cb5a31 100644 --- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -35,6 +35,7 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc |-----------------------------|---------------------------------------------------------------------| |Office 365 for Business |
      • contoso.sharepoint.com
      • contoso-my.sharepoint.com
      • contoso-files.sharepoint.com
      • tasks.office.com
      • protection.office.com
      • meet.lync.com
      • teams.microsoft.com
      | |Yammer |
      • www.yammer.com
      • yammer.com
      • persona.yammer.com
      | +|Outlook Web Access (OWA) |attachments.office.net | |Microsoft Dynamics |contoso.crm.dynamics.com | |Visual Studio Online |contoso.visualstudio.com | |Power BI |contoso.powerbi.com | diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md index 6ad79e3e33..7d1e22bb7a 100644 --- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md +++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md @@ -65,7 +65,7 @@ Detailed Tracking security policy settings and audit events can be used to monit - [Audit Process Termination](audit-process-termination.md) - [Audit RPC Events](audit-rpc-events.md) - [Audit Credential Validation](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-credential-validation) - > **Note:** For more information, see [Security Monitoring](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/) +- [Audit Token Right Adjusted](https://docs.microsoft.com/windows/security/threat-protection/auditing/audit-token-right-adjusted) ## DS Access diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md new file mode 100644 index 0000000000..a4fb47fef4 --- /dev/null +++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md @@ -0,0 +1,27 @@ +--- +title: Audit Token Right Adjusted (Windows 10) +description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Token Right Adjusted, which determines whether the operating system generates audit events when specific changes are made to the privileges of a token. +--- + +# Audit Token Right Adjusted + +**Applies to** +- Windows 10 +- Windows Server 2016 + + +Audit Token Right Adjusted allows you to audit events generated by adjusting the privileges of a token. + +For more information, see [Security Monitoring: A Possible New Way to Detect Privilege Escalation](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/). + +| Computer Type | General Success | General Failure | Stronger Success | Stronger Failure | Comments | +|-------------------|-----------------|-----------------|------------------|------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Domain Controller | IF | No | IF | No | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | +| Member Server | IF | No | IF | No | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | +| Workstation | IF | No | IF | No | IF – With Success auditing for this subcategory, you can get information related to changes to the privileges of a token.
      However, if you are using an application or system service that dynamically adjusts token privileges, we do not recommend Success auditing because of the high volume of event “[4703](event-4703.md)(S): A user right was adjusted” that may be generated. As of Windows 10, event 4703 is generated by applications or services that dynamically adjust token privileges. An example of such an application is System Center Configuration Manager, which makes WMI queries at recurring intervals and quickly generates a large number of 4703 events (with the WMI activity listed as coming from **svchost.exe**).
      If one of your applications or services is generating a large number of 4703 events, you might find that your event-management software has filtering logic that can automatically discard the recurring events, which would make it easier to work with Success auditing for this category.
      This subcategory doesn’t have Failure events, so there is no recommendation to enable Failure auditing for this subcategory. | + +**Events List:** + +- [4703](event-4703.md)(S): A user right was adjusted. + +**Event volume**: High. diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md index 934f310147..9964b6f390 100644 --- a/windows/security/threat-protection/auditing/event-5155.md +++ b/windows/security/threat-protection/auditing/event-5155.md @@ -24,35 +24,46 @@ By default Windows firewall won't prevent a port from being listened by an appli You can add your own filters using the WFP APIs to block listen to reproduce this event: . -There is no event example in this document. - ***Subcategory:*** [Audit Filtering Platform Connection](audit-filtering-platform-connection.md) -***Event Schema:*** +***Event Description:*** -*The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.* +This event generates every time the [Windows Filtering Platform](https://docs.microsoft.com/windows/win32/fwp/windows-filtering-platform-start-page) blocks an application or service from listening on a port for incoming connections. -*Application Information:* +
      -> *Process ID:%1* -> -> *Application Name:%2* - -*Network Information:* - -> *Source Address:%3* -> -> *Source Port:%4* -> -> *Protocol:%5* - -*Filter Information:* - -> *Filter Run-Time ID:%6* -> -> *Layer Name:%7* -> -> *Layer Run-Time ID:%8* +***Event XML:*** +```xml + + + + 5155 + 0 + 0 + 12810 + 0 + 0x8010000000000000 + + 42196 + + + Security + NATHAN-AGENT2 + + + + 2628 + \device\harddiskvolume2\users\test\desktop\netcat\nc.exe + 0.0.0.0 + 5555 + 6 + 84576 + %%14609 + 40 + + +``` ***Required Server Roles:*** None. @@ -60,6 +71,76 @@ There is no event example in this document. ***Event Versions:*** 0. +***Field Descriptions:*** + +**Application Information**: + +- **Process ID** \[Type = Pointer\]: Hexadecimal Process ID (PID) of the process which was permitted to bind to the local port. The PID is a number used by the operating system to uniquely identify an active process. To see the PID for a specific process you can, for example, use Task Manager (Details tab, PID column): + + Task manager illustration + + If you convert the hexadecimal value to decimal, you can compare it to the values in Task Manager. + + You can also correlate this process ID with a process ID in other events, for example, “[4688](event-4688.md): A new process has been created” **Process Information\\New Process ID**. + + + +- **Application Name** \[Type = UnicodeString\]**:** Full path and the name of the executable for the process. + + Logical disk is displayed in the format \\device\\harddiskvolume\#. You can get all local volume numbers by using the **diskpart** utility. The command to get volume numbers using diskpart is “**list volume**”: + +DiskPart illustration + +**Network Information:** + +- **Source Address** \[Type = UnicodeString\]**:** The local IP address of the computer running the application. + + - IPv4 Address + + - IPv6 Address + + - :: - all IP addresses in IPv6 format + + - 0.0.0.0 - all IP addresses in IPv4 format + + - 127.0.0.1 , ::1 - localhost + +- **Source Port** \[Type = UnicodeString\]**:** The port number used by the application. + +- **Protocol** \[Type = UInt32\]: the protocol number being used. + +| Service | Protocol Number | +|----------------------------------------------------|-----------------| +| Internet Control Message Protocol (ICMP) | 1 | +| Transmission Control Protocol (TCP) | 6 | +| User Datagram Protocol (UDP) | 17 | +| General Routing Encapsulation (PPTP data over GRE) | 47 | +| Authentication Header (AH) IPSec | 51 | +| Encapsulation Security Payload (ESP) IPSec | 50 | +| Exterior Gateway Protocol (EGP) | 8 | +| Gateway-Gateway Protocol (GGP) | 3 | +| Host Monitoring Protocol (HMP) | 20 | +| Internet Group Management Protocol (IGMP) | 88 | +| MIT Remote Virtual Disk (RVD) | 66 | +| OSPF Open Shortest Path First | 89 | +| PARC Universal Packet Protocol (PUP) | 12 | +| Reliable Datagram Protocol (RDP) | 27 | +| Reservation Protocol (RSVP) QoS | 46 | + +**Filter Information:** + +- **Filter Run-Time ID** \[Type = UInt64\]: A unique filter ID which blocks the application from binding to the port. By default, Windows firewall won't prevent a port from binding to an application, and if this application doesn’t match any filters, you will get a 0 value in this field. + + To find a specific Windows Filtering Platform filter by ID, you need to execute the following command: **netsh wfp show filters**. As a result of this command, a **filters.xml** file will be generated. You need to open this file and find the specific substring with the required filter ID (**<filterId>**), for example: + + Filters.xml file illustration + +- **Layer Name** \[Type = UnicodeString\]: [Application Layer Enforcement](https://msdn.microsoft.com/library/windows/desktop/aa363971(v=vs.85).aspx) layer name. + +- **Layer Run-Time ID** \[Type = UInt64\]: Windows Filtering Platform layer identifier. To find a specific Windows Filtering Platform layer ID, you need to execute the following command: **netsh wfp show state**. As result of this command, a **wfpstate.xml** file will be generated. You need to open this file and find the specific substring with the required layer ID (**<layerId>**), for example: + +Wfpstate xml illustration + ## Security Monitoring Recommendations - If you use Windows Filtering Platform APIs to block application or services from listening on a port, then you can use this event for troubleshooting and monitoring. diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 91f7206e6d..1edd7842a6 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -274,9 +274,12 @@ B. If you experience software or device malfunction after using the above proced C. If you experience a critical error during boot or your system is unstable after using the above procedure to turn on HVCI, you can recover using the Windows Recovery Environment (Windows RE). To boot to Windows RE, see [Windows RE Technical Reference](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference). After logging in to Windows RE, you can turn off HVCI by renaming or deleting the SIPolicy.p7b file from the file location in step 3 above and then restart your device. -## How to turn off HVCI on the Windows 10 Fall Creators Update +## How to turn off HVCI -1. Rename or delete the SIPolicy.p7b file located at C:\Windows\System32\CodeIntegrity. +1. Run the following command from an elevated prompt to set the HVCI registry key to off +```ini +reg add "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 0 /f +``` 2. Restart the device. 3. To confirm HVCI has been successfully disabled, open System Information and check **Virtualization-based security Services Running**, which should now have no value displayed. diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md index 89c574f14d..0d2841c46b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md @@ -40,7 +40,7 @@ Entities are the starting point for Automated investigations. When an alert cont >- Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/en-us/help/4493464/windows-10-update-kb4493464)) or later >- Later versions of Windows 10 -The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view. +The Automated investigation starts by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view. ### Details of an Automated investigation @@ -85,4 +85,4 @@ The default machine group is configured for semi-automatic remediation. This mea When a pending action is approved, the entity is then remediated and this new state is reflected in the **Entities** tab of the investigation. ## Related topic -- [Learn about the automated investigations dashboard](manage-auto-investigation.md) \ No newline at end of file +- [Learn about the automated investigations dashboard](manage-auto-investigation.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md index a7ff6da08f..40cbdce038 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md @@ -55,7 +55,7 @@ For more information about disabling local list merging, see [Prevent or allow u > If controlled folder access is configured with Group Policy, PowerShell, or MDM CSPs, the state will change in the Windows Security app after a restart of the device. > If the feature is set to **Audit mode** with any of those tools, the Windows Security app will show the state as **Off**. ->If you are protecting user profile data, we recommend that the user profile should be on the default Windows installation drive. +> If you are protecting user profile data, we recommend that the user profile should be on the default Windows installation drive. ## Intune @@ -63,7 +63,7 @@ For more information about disabling local list merging, see [Prevent or allow u 1. Click **Device configuration** > **Profiles** > **Create profile**. 1. Name the profile, choose **Windows 10 and later** and **Endpoint protection**. ![Create endpoint protection profile](../images/create-endpoint-protection-profile.png) -1. Click **Configure** > **Windows Defender Exploit Guard** > **Network filtering** > **Enable**. +1. Click **Configure** > **Windows Defender Exploit Guard** > **Controlled folder access** > **Enable**. 1. Type the path to each application that has access to protected folders and the path to any additional folder that needs protection and click **Add**. ![Enable controlled folder access in Intune](../images/enable-cfa-intune.png) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md index 6dff3ffaae..c9543f40e7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md @@ -67,7 +67,8 @@ Machines with similar tags can be handy when you need to apply contextual action Use the following registry key entry to add a tag on a machine: - Registry key: `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection\DeviceTagging\` -- Registry key value (string): Group +- Registry key name: `Group` +- Registry key value (REG_SZ): `Name of the tag you want to set` >[!NOTE] >The device tag is part of the machine information report that's generated once a day. As an alternative, you may choose to restart the endpoint that would transfer a new machine information report. diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index f5dbb8135e..0c8c9f14f6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -23,12 +23,12 @@ ms.date: 04/11/2019 The cybersecurity weaknesses identified in your organization are mapped to actionable security recommendations and prioritized by their impact on the security recommendation list. Prioritized recommendation helps shorten the mean time to mitigate or remediate vulnerabilities and drive compliance. -Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and SCCM. It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment. +Each security recommendation includes an actionable remediation recommendation which can be pushed into the IT task queue through a built-in integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). It is also dynamic in the sense that when the threat landscape changes, the recommendation also changes as it continuously collect information from your environment. ## The basis of the security recommendation Each machine in the organization is scored based on three important factors: threat, likelihood to be breached, and value, to help customers to focus on the right things at the right time. -- Threat - Characteristics of the vulnerabilities and exploits in your organizations' devices and breach history. Based on these factors, the security recommendations shows the correponding links to active alerts, ongoing threat campaigns, and their corresponding threat analytic reports. +- Threat - Characteristics of the vulnerabilities and exploits in your organizations' devices and breach history. Based on these factors, the security recommendations shows the corresponding links to active alerts, ongoing threat campaigns, and their corresponding threat analytic reports. - Breach likelihood - Your organization's security posture and resilience against threats @@ -36,7 +36,7 @@ Each machine in the organization is scored based on three important factors: thr ## Navigate through your security recommendations -You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need as you require it. +You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need, as you require it. There are security recommendations for application, operating system, network, accounts, and security controls. diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md index 8a376e6b4f..d3d0816760 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md @@ -35,14 +35,13 @@ The following table lists and explains the allowed encryption types. | Encryption type | Description and version support | | - | - | -| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function
      Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES| by default. +| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function
      Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. | | DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function
      Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10 and Windows Server 2008 R2 operating systems do not support DES by default. | | RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function
      Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2.| | AES128_HMAC_SHA1| Advanced Encryption Standard in 128 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).
      Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. | | AES256_HMAC_SHA1| Advanced Encryption Standard in 256 bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).
      Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003. Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10 and Windows Server 2008 R2. | | Future encryption types| Reserved by Microsoft for additional encryption types that might be implemented.| -  - + ### Possible values diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md index 404e3d39cf..b95dce5844 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md @@ -41,7 +41,7 @@ Tool|Deployment options (2)|Management options (net Microsoft Intune|[Add endpoint protection settings in Intune](https://docs.microsoft.com/intune/endpoint-protection-configure)|[Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure)| [Use the Intune console to manage devices](https://docs.microsoft.com/intune/device-management) System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection point site system role][] and [enable Endpoint Protection with custom client settings][]|With [default and customized antimalware policies][] and [client management][]|With the default [Configuration Manager Monitoring workspace][] and [email alerts][] Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][] -PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference][] and [Update-MpSignature] [] cmdlets available in the Defender module|Use the appropriate [Get- cmdlets available in the Defender module][] +PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][] Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][] Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index da2a6a8dcd..21be43c179 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -166,6 +166,12 @@ Once the Intune changes are propagated to the enrolled devices, you can see them ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) +## Troubleshooting + +Issue: No license found + +Solution: Follow the steps above to create a device profile using WindowsDefenderATPOnboarding.xml + ## Logging installation issues For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) . diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md index 6f92fd0056..8aae066fd4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md @@ -1,6 +1,6 @@ --- title: Microsoft recommended block rules (Windows 10) -description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Comntrol, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies. +description: To help you plan and begin the initial test stages of a deployment of Microsoft Windows Defender Application Control, this article outlines how to gather information, create a plan, and begin to create and test initial code integrity policies. keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md index c39a63739c..d79135d66a 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md @@ -33,9 +33,17 @@ These settings, located at **Computer Configuration\Administrative Templates\Net |Policy name|Supported versions|Description| |-----------|------------------|-----------| |Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.| -|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Notes: 1) Include a full domain name in the configuration, for example **www.contoso.com**, to trust only in this literal value. 2) You may optionally use "." as a wildcard character to automatically trust subdomains on only one level of the domain hierarchy that is to the left of the dot. Configuring **".constoso.com"** will automatically trust **"local.contoso.com"**, **"shop.contoso.com"**, and all other values on the left. 3) You may optionally use ".." as a wildcard character to automatically trust subdomains on all the levels of the domain hierarchy that are to the left of the dots. Configuring **"..constoso.com"** will automatically trust **"us.shop.contoso.com"**, **"trainning.contoso.com"**, and all other values on the left. | -|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment.| - +|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| +|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| + +## Network isolation settings wildcards + +|Value|Number of dots to the left|Meaning| +|-----|--------------------------|-------| +|contoso.com|0|Trust only the literal value of **contoso.com**.| +|www.contoso.com|0|Trust only the literal value of **www.contoso.com**.| +|.contoso.com|1|Trust any domain that ends with the text **contoso.com**. Matching sites include **spearphishingcontoso.com**, **contoso.com**, and **www.contoso.com**.| +|..contoso.com|2|Trust all levels of the domain hierarchy that are to the left of the dot. Matching sites include **shop.contoso.com**, **us.shop.contoso.com**, **www.us.shop.contoso.com**, but NOT **contoso.com** itself.| ## Application-specific settings These settings, located at **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard**, can help you to manage your company's implementation of Application Guard. From 218a3a7c6240dcc864555846f3ea53623f2d4b42 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 10 Sep 2019 15:01:22 -0700 Subject: [PATCH 106/113] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 52f8406707..83cc6df9ec 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -6,7 +6,7 @@ keywords: privacy, manage connections to Microsoft, Windows 10 ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -ms.localizationpriority: medium +ms.localizationpriority: high author: medgarmedgar ms.author: v-medgar ms.date: 9/4/2019 From 6234a2946f3ee394cdde661e70d6d804dcd08bef Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 10 Sep 2019 15:02:19 -0700 Subject: [PATCH 107/113] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index eb45f00618..043287b775 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -7,7 +7,7 @@ keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2 ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -ms.localizationpriority: medium +ms.localizationpriority: high audience: ITPro author: dansimp ms.author: dansimp From 64b2db1918e1c6bd9d78f3351f438b8f828880d9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 10 Sep 2019 15:35:41 -0700 Subject: [PATCH 108/113] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ows-operating-system-components-to-microsoft-services.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 043287b775..a8092f94f3 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -9,9 +9,9 @@ ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high audience: ITPro -author: dansimp -ms.author: dansimp -manager: dansimp +author: medgarmedgar +ms.author: v-medgar +manager: sanashar ms.collection: M365-security-compliance ms.topic: article ms.date: 8/23/2019 From 008411dc73e9c24801f38f8bb1bdeb387d4d4ee9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 10 Sep 2019 15:36:09 -0700 Subject: [PATCH 109/113] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 83cc6df9ec..8211fc3089 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -7,9 +7,11 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: medgarmedgar ms.author: v-medgar -ms.date: 9/4/2019 +manager: sanashar +ms.date: 9/10/2019 --- # Manage connections from Windows 10 operating system components to Microsoft services using Microsoft Intune MDM Server From 9e930ce30887e6f77df504eecd78b9d8f591ab8f Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 10 Sep 2019 15:36:29 -0700 Subject: [PATCH 110/113] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index a8092f94f3..01c27df311 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -14,7 +14,7 @@ ms.author: v-medgar manager: sanashar ms.collection: M365-security-compliance ms.topic: article -ms.date: 8/23/2019 +ms.date: 9/10/2019 --- # Manage connections from Windows 10 operating system components to Microsoft services From 1a07121da1e7debde432b1ae7f1201e3e7f4a78d Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Tue, 10 Sep 2019 16:44:15 -0700 Subject: [PATCH 111/113] adding redirect for deleted page --- .openpublishing.redirection.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 95b887e08a..9fd0fbdf39 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -15326,6 +15326,11 @@ "source_path": "browsers/internet-explorer/ie11-deploy-guide/group-policy-compatability-with-ie11.md", "redirect_url": "/browsers/internet-explorer/ie11-deploy-guide/group-policy-compatibility-with-ie11", "redirect_document_id": true +}, +{ +"source_path": "devices/surface/surface.yml", +"redirect_url": "/surface/get-started", +"redirect_document_id": true } ] } From e439526014e4ddf3ee4b5daed7be1a0cad986aaf Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 10 Sep 2019 16:54:42 -0700 Subject: [PATCH 112/113] Update surface-hub-2s-connect.md --- devices/surface-hub/surface-hub-2s-connect.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md index db57e3ee37..fad9783133 100644 --- a/devices/surface-hub/surface-hub-2s-connect.md +++ b/devices/surface-hub/surface-hub-2s-connect.md @@ -23,7 +23,7 @@ You can display content from your devices to Surface Hub 2S. If the source devic ## Recommended wired configurations -In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. Some configuration may be required to optimize the video-out experience; refer to the section below: [Mirroring Surface Hub 2S display on another device](#Mirroring-Surface-Hub-2S-display-on-another-device). +In general, it’s recommended to use native cable connections whenever possible such as USB-C to USB-C or HDMI to HDMI. Other combinations such as MiniDP to HDMI or MiniDP to USB-C will also work. Some additional configuration may be required to optimize the video-out experience, as described on this page. | **Connection** | **Functionality** | **Description**| | --- | --- | ---| From b37d545871db02672f865893d48fe5a6cf293872 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 10 Sep 2019 17:02:42 -0700 Subject: [PATCH 113/113] Update surface-hub-2s-connect.md --- devices/surface-hub/surface-hub-2s-connect.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-2s-connect.md b/devices/surface-hub/surface-hub-2s-connect.md index fad9783133..312c9d3d2e 100644 --- a/devices/surface-hub/surface-hub-2s-connect.md +++ b/devices/surface-hub/surface-hub-2s-connect.md @@ -14,7 +14,7 @@ ms.localizationpriority: Medium --- # Connect devices to Surface Hub 2S -Surface Hub 2S lets you connect external devices, mirror the display on Surface Hub 2S to another device, and connect multiple third-party peripherals including video conference cameras, conference phones, and room system devices. +Surface Hub 2S enables you to connect external devices, mirror the display on Surface Hub 2S to another device, and connect multiple third-party peripherals including video conference cameras, conference phones, and room system devices. You can display content from your devices to Surface Hub 2S. If the source device is Windows-based, that device can also provide TouchBack and InkBack, which takes video and audio from the connected device and presents them on Surface Hub 2S. If Surface Hub 2S encounters a High-Bandwidth Digital Content Protection (HDCP) signal, such as a Blu-ray DVD player, the source is displayed as a black image.
      MessageDate
      September 2019 security update available for all supported versions of Windows
      The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, , follow us on Twitter @WindowsUpdate.
      		September 10, 2019
      09:34 AM PT
      September 2019 security update available for all supported versions of Windows
      The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
      		September 10, 2019
      09:34 AM PT
      Status update: Windows 10, version 1903 \"D\" optional release available August 30th
      The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
      		August 30, 2019
      08:00 AM PT
      Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
      We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
      		August 29, 2019
      04:39 PM PT
      Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
      Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
      		August 29, 2019
      08:00 AM PT